Ransomware is not going away
The Department of Homeland Security has issued an alert about this topic dated 3/31/2016 reported today about new variants of ransomware such as Locky and Samas are affecting hospital network computers throughout North America. In conjunction with Canadian Cyber Incident Response Centre (CCIRC) US DHS brings the subject into focus in an official capacity. The fear of doing something electronically increased this event and I can gather most of this is preventable for all of the usual suspects. Click on a link reflective action. Guilt based on network. Fear of being caught with hand in cookie jar. That sort of thing.
- Employ a data backup and recovery plan for all critical information.
- Use application whitelisting to help prevent malicious software and unapproved programs from running.
- Keep your operating system and software up-to-date with the latest patches.
- Maintain up-to-date anti-virus software, and scan all software downloaded from the internet prior to executing.
- Restrict users’ ability (permissions) to install and run unwanted software applications, and apply the principle of “Least Privilege” to all systems and services.
- Avoid enabling macros from email attachments. This means that PDFs so important to our business day may have to come from a third party source.
- Do not follow unsolicited Web links in emails.
Sounds pretty boilerplate, does not it. Almost a “duh” moment. However, our job as IT pros is to prevent users from themselves.
ER Overcrowding continued difficulties
Having personal experience with a big-city ER on a weekend day got my attention for this story. When you have a system that requires the patients be seen regardless of condition and ability to pay in one of the richest countries in the world, issues arise. There are ways to mitigate this that some hospitals nationwide are doing, such as freestanding ER clinics. House calls for treatment conditions not requiring emergency care along with other “adventurous” options.
Community paramedicine or mobile integrated healthcare-community paramedicine (MIH-CP) is a new concept to me, which can include transport “ambulances” that are closer to the local community, such as Fire Stations and Community Precincts. Pair a Nurse Practitioner with a Paramedic and cover the most common illnesses in a vehicle at a cheaper rate than Medic and preferably on-site with telemedicine from the patient’s personal physician, or someone at “headquarters” that is staffing a “call center” to guide the patient through sticky wickets beyond the on-site staffers reach. Then an ER admission would be reserved for life-threatening or altering injuries or conditions. My situation would have called for urgent care, since an X-Ray was taken, looked at, and decided to place this on me so I can see a follow-up with an Orthopedic Specialist. Medicare and Medicaid in NC and some other states do not lend itself to other options that are not out-of-pocket upfront expenses. Not everyone can have BCBSNC, Aetna, or other private insurance regardless of subsidies and other aspects of Obamacare not brought up here. An ideal system would allow Urgent Care, CVS Minute Clinic, Walgreens’ Take Care Clinic, et cetera, to perform these functions as a health issue without being financially driven. Regardless where healthcare interactions occur, they must be protected and Compliance is not an option.