PSC No Spin LIVE

Ransomware and Plastic Surgery Patient Privacy

Ransomware and Plastic Surgery Patient Privacy

With the latest massive ransomware attack that affected virtually the entirety of England’s National Heath Service system, physicians everywhere are reminded of the importance of patient privacy. Private practices may not always be the go-to target for ransomware attacks, but safeguards always need to exist and be up-to-date in order to protect privacy.

Board certified plastic surgeons of private practices discuss ransomware in the latest episde of No Spin Live, addressing why it’s important for them and their employees to be vigilant.

Thieving Patient Photos for Ransom

When it comes to plastic surgery – one of the more personal areas of medicine for patients, it’s crucial for many to retain anonymity before, during, and even after the process is complete. As can be seen with the recent NHS ransomware attack, large organizations are usually at risk most, but small practices are certainly not immune.

An event may occur as follows. An email may be sent to an account on an office server and if it is opened by the physician or staff, the entire server could be compromised. The differentiator between ransomware and typical malware is the software demands users on infected systems to pay a ransom in order for the insidious software to be lifted. This puts the user often in a precarious position – do we pay the ransom? Wipe the servers and restore from a backup (this is why backups are incredibly important!)? Or see what happens?

Ransomware and plastic surgery.

The fallout could be nothing, or it could break patient privacy laws and thus hurt the practice severely.

“I think it’s definitely something that’s important to us. Our patients HIPAA privacy, credit cards, photos – it’s super important that we keep that safe,” says board certified plastic surgeon Dr. Jason Pozner, who has a private practice in Florida. “But just like the government, we’re prone to hacking. It’s in our best interests to keep our patients safe, their information safe. Patients send us all photos from out of town and I try to make sure there’s no information on the patient in those emails, no faces that goes with bodies. It’s all very critical.”

Constant Vigilance from More than Just the Physician

While a physician or practice manager may be very fluent in preventing such attacks, it’s of extreme importance for all employees who engage in server systems to understand what to do with suspicious emails. One innocent click could cost a practice dearly.

“It’s not just us as the provider, it’s also everyone in our office – all of our staff, all of the people that come into contact with these patients and potentially interact with them electronically,” explains Dr. Jason Cooper, a board certified plastic surgeon who also has a private practice in Florida. “A lot of our staff are taking photos of patients – they’re the ones that take the pre and post operative photos and catalogue them. It’s just tantamount that everyone is on the same page and that there are policies and procedures internally for how these things are handled.”

To Pay or Not To Pay

If calamity transpires, it can be a difficult decision to give in to hacker demands, or spend considerable time and perform potentially risky maneuvers to undo the damage. Dr. Steven Teitelbaum, a board certified plastic surgeon in Los Angeles, had ransomware attack his own person computer and he had to make quick decisions as to how to rectify the issue before it could infect his practice’s system.

“I already had a ransomware attack on my personal computer and I’m as religious as possible about opening suspicious emails,” Dr. Teitelbaum explains. “I debated a lot whether to buy the bitcoins and do it, but finally what I did was gut my computer, threw out the hard drives, and put in hard drives and restored from a backup. That’s what I ended up doing, but thank God it didn’t get into the office system.”

Click to add a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

PSC No Spin LIVE

More in PSC No Spin LIVE

Scrotox - Yes, the Combination of Botox with Scrotums.

Scrotox – Yes, the Combination of Botox with Scrotums

Daniel A. Del Vecchio, MDSeptember 25, 2017
Be careful what you wish for with large breast implants.

Be Careful What You Wish For With Large Breast Implants

Caroline Glicksman, MDSeptember 19, 2017
Australia Reports Higher Incidence of Breast Implant-Associated ALCL.

Australia Reports Higher Incidence of Breast Implant-Associated ALCL

Bruce W. Van Natta, MDSeptember 18, 2017
Size 6 Beauty Queen Told She's "Too Big"

Size 6 Beauty Queen Told She’s “Too Big”

Caroline Glicksman, MDSeptember 14, 2017
Live Streaming Plastic Surgery, Is It Right?

Live Streaming Plastic Surgery, Is It Safe?

Jason Pozner, MDSeptember 1, 2017
Vladimir Putin and Injectable Fillers for Men

Vladimir Putin and Injectable Fillers for Men

Richard J. Zienowicz, MDAugust 28, 2017

Pornhub Signals The Drooping Popularity of Big Breasts

Sean Doherty, MDAugust 25, 2017
Is 39 Too Young for a Facelift?

Is 39 Too Young for a Facelift?

Patricia McGuire, MDAugust 21, 2017
Headline News - Did Kylie Jenner Get Implants?!

Headline News – Did Kylie Jenner Get Implants?!

Jason Pozner, MDAugust 15, 2017