What to do if you are a Ransomware victim – latest guidance from HHS

In an earlier post, Clint Eschberger explained that the Best Defense Against Ransomware is a Good Backup. So hopefully your backups are in order - multiple, off-site, and tested.

In addition to your internal processes for getting your organization back online, the HHS just issued the following guidance for reporting ransomware incidents and obtaining guidance.


If  your organization is the victim of a ransomware attack, HHS recommends the following steps:

  1. Please contact your FBI Field Office Cyber Task Force (www.fbi.gov/contact-us/field/field-offices) or US Secret Service Electronic Crimes Task Force (www.secretservice.gov/investigation/#field) immediately to report a ransomware event and request assistance. These professionals work with state and local law enforcement and other federal and international partners to pursue cyber criminals globally and to assist victims of cyber-crime.
  2. Please report cyber incidents to the US-CERT (www.us-cert.gov/ncas) and FBI’s Internet Crime Complaint Center (www.ic3.gov).
  3. If your facility experiences a suspected cyberattack affecting medical devices, you may contact FDA’s 24/7 emergency line at 1-866-300-4374. Reports of impact on multiple devices should be aggregated on a system/facility level.
  4. For further analysis and healthcare-specific indicator sharing, please also share these indicators with HHS’ Healthcare Cybersecurity and Communications Integration Center (HCCIC) at HCCIC@hhs.gov

A Happy & Secure July 4th to all!

Julie Rennecker, PhD, BSN
About the Author

Julie Rennecker, BSN, PhD is an organizational development consultant specializing in the people and process challenges related to healthcare technology change. With 10 years bedside clinical experience (ICU, ER, behavioral health), a PhD in Organizational Behavior from MIT’s Sloan School of Management, five years on the Information Systems faculty at Case Western Reserve University, and more than 15 years’ research and consulting experience, she brings a unique synthesis of clinical, academic, and industry experience to bear on client problems and opportunities. She holds a Certificate in Health IT and Health Information Exchange from the University of Texas and is a credentialed EpicCare Ambulatory trainer.

%d bloggers like this: