Your Money or Your Patients Life? Ransomware and Electronic Health Records

Authors

I Glenn Cohen, Harvard Law School
Sharona Hoffman, Case Western University School of LawFollow
Eli Y. Adashi, Brown University Medical School

Abstract

Ransomware, software that requires users to pay a ransom in order to access their digitally-stored information, poses specific risks to healthcare providers and to the patients whose private health data is jeopardized by ransomware attacks. Under the existing legal framework, providers who have been victimized by a data breach may be subject to government scrutiny and penalties. Additionally, institutional victims may be liable to tort suits filed by patients whose privacy has been compromised. This article discusses potential strategies for addressing healthcare-related ransomware attacks and the need for comprehensive solutions.

Keywords

Ransomware, HIPAA, Hospital, Privacy

Publication Date

2017

Document Type

Article

Publication Information

167 Annals of Internal Medicine 587 (2017)

Repository Citation

Cohen, I Glenn; Hoffman, Sharona; and Adashi, Eli Y., "Your Money or Your Patients Life? Ransomware and Electronic Health Records" (2017). Faculty Publications. 2102.
https://scholarlycommons.law.case.edu/faculty_publications/2102