Ransomware in Healthcare Facilities: A Harbinger of the Future?

Cybercriminals have begun to target the healthcare industry with ransomware, malware that encrypts an infected device and any attached devices or network drives. After encryption, cybercriminals demand a ransom before releasing the devices from encryption. Without adequate disaster recovery and backup plans, many businesses are forced to pay the ransom. We examined the extent of recent ransomware infections in healthcare settings, the risk liabilities and costs associated with such infections, and possible risk mitigation tactics. The methodology of this study was a literature review. The review was limited to sources published in English from 2005 to 2017. Of the 118 sources found, 74 were used in the results section. We also performed two semistructured interviews, one with an expert in healthcare law and the other with a chief information officer from a local teaching hospital who was an expert in healthcare information technology. Financial costs associated with business recovery after ransomware attacks on healthcare facilities are significant and are growing in both magnitude and scope. Other risks are a loss of future business and reputation damage. Research has suggested that the best plan of action is to have a proper business continuity and disaster plan with adequate data backups and to be vigilant in educating employees about the sources of ransomware to prevent potential attacks.


Copyright © 2018 AHIMA.