Anywhere Hospital was attacked by WannaCry, a type of malware, and is
unable to
Anywhere Hospital was attacked by WannaCry, a type of malware, and is
unable to access the EHR. The hospital is routing patients to other
emergency rooms, canceling elective surgeries, and is struggling to
treat patients. They are not able to identify allergies, past medical
history, and other critical health information. A ransom of $20,000 was
requested. The chief security officer and the chief executive officer
conferred and decided to pay the ransom since they could easily come up
with the amount requested. They felt it would be cheaper to pay the
ransom than lose patient revenue. They were also concerned with the
possibility of providing poor quality of care during this time and were
afraid that the hospital could lose the respect of the community. They
paid the ransom using bitcoin and were given the key to access the data.
Should the hospital have paid the ransom? Justify your stance.
Identify security methods that may have prevented this infection of their EHR.
