Case Study $4$

Details of the Cyberattack

Unlike the other centres among these four case studies, this centre had no IT personnel onsite who could

understand and manage the attack. They had transitioned from a private IT vendor to a hospital$-$based IT vendor. The centre was also in the middle of the three$-$year IT implementation plan that was proposed by their current vendor. One of the items identified in this plan was to have the centre$$s systems, which were currently being backed up onsite, moved to an offsite backup location at the hospital. In the interim, the new IT vendor was relying on the onsite backup. However, this backup was not being done on a segregated server.The cyberattack was initiated when a user clicked on a link containing the ransomware. Soon after, the centre determined

that no one could access email. An urgent call was made to the IT vendor, who discovered that the Exchange server had been compromised through a

ransomware infection. They also found that the local backup had been encrypted. The Executive Director remembered that the previous vendor had created a disaster recovery backup on a segregated server and asked the current vendor to look into

this. Unfortunately, this process took almost three days. After a lot of finger$-$pointing between vendors, the centre was able to restore their environment.

The Executive Director recommends that if anyone is planning to switch vendors, they should ensure that their new vendor is fully familiar with the organization$$s entire network infrastructure. It is also highly recommended that centres regularly test their Business Continuity Plan $($BC P$)$ and Disaster

Recovery $($DR$).$

Insurance

The centre did reach out to their insurer who indicated that since they were not negotiating with the

cyberattackers, they would not intercede.

Costs

Costs were associated with staff time including staff working directly on the restore and the tremendous amount of follow$-$up work that had to be done. The centre had to resort to faxing and phones as there was no access to emails during this time.

Data Security Case Study

After reading the case study, discuss the following:

$1.$ Describe each case study?

$2.$ What were the effects of each breach?

$3.$ How could healthcare information technology and technical

safeguards aid in these situations?

$4.$ What else could have been done to prevent the breaches?