Following the most recent ransomware attack, known as NotPetya, (among other nicknames), many health care entities were victims of the ransomware, which prompted the Office of the National Coordinator (ONC) to issue guidance to assist health care entities in the aftermath.

In two separate warnings/updates, ONC provides guidance to health care entities on what to do if they are a victim of a ransomware attack, mitigating against the threat (which was updated in the second guidance to provide information about the vaccine that a security researcher found), resources available to health care entities, including US-CERT and the health sector ISAC and ISAO resources.

In the second alert, ONC states that it continues to monitor the on-going impacts to the health care sector, including “tracking the resolution of port closures, medical data software availability, and impacts to pharmaceutical companies and we will report to you if we become aware of any long-term impacts to the HPH Sector.”

The guidance can be accessed here.