Looking for a Business Associate Agreement? Download our FREE starter template.
Total HIPAA Logo

WannaCry Ransomware Protection with HIPAA

WannaCry, WannaCrypt, Wana Decryptor or WCry, whatever it is called, ransomware has been spreading through over 150 countries and many are concerned for good reason. The WannaCry malware attack is the largest ransomware attack to date.

The attack started on Friday (5/12/17and locks people out of their computers, encrypts their data, and demands them to pay up to $300 in bitcoin to receive a decryption key. The price then doubles after three days and if the ransom is not paid, all files are permanently deleted. To add insult to injury, WannaCry also behaves like a worm; the malware can potentially infect computers and servers on the same network.1

The ransomware was slowed by a single security analyst last week after discovering a kill switch in WannaCry’s code. Since then, WannaCry has been updated without the kill switch, allowing it to grow further. The attack has now reached over 150 countries and around 216,000 computers.2

Here at Total HIPAA, we offer resources and services to help you figure out what to do next in preventing you and your organization from becoming a victim to ransomware and any other type of malware attacks. Health and Human Services Office of Civil Rights (OCR) has recently posted guidance on HIPAA specific to ransomware. OCR reaffirms that implementing HIPAA standards will provide safeguards against WannaCry and malicious software.

Read through the sections on areas we suggest you cover to reevaluate your business structure. There are blog articles we previously posted to help give guidance on topics that still may be questionable for your business.

3rd Party Vendors and Contractors

When looking into those 3rd party vendors and contractors hired to do a specific duty or there temporarily need to be properly handled for liability concerns. Your vendors, and, at times, your contractors will be considered business associates under HIPAA.


Passwords are simplest and best preventative measure a user can do to help protect your organization’s network.

Ransomware and Malware Best Practices

Ransomware and malware are continuing to grow; read what you need to know about both and what you should do to prevent malicious attacks on your system.

Update Software

Microsoft Windows users were the prime targets in WannaCry’s attack. Make sure your versions are constantly updated and BitLocker 2 is enabled on your computer.


Encryption will keep hackers and viruses from using your files against you. By encrypting your devices, anyone who attempts to retrieve your information will receive it in an unreadable format. And since many of the attacks are through email and their attachments, an email encryption solution can be very useful (and highly recommend!). Using the cloud can cover you if you fall victim to ransomware because any files stored through your file sharing application can help you regain access without having to pay a dime to criminals.

  1. CNET – How to protect yourself from WannaCry ransomware
  2. DataBreachToday – Teardown: WannaCry Ransomware

Sharing is caring!

Does your organization comply with HIPAA?

Find out if your organization needs to comply with HIPAA using our simple, fast, online questionnaire.

Start Questionnaire →

Save & Share Cart
Your Shopping Cart will be saved and you'll be given a link. You, or anyone with the link, can use it to retrieve your Cart at any time.
Back Save & Share Cart
Your Shopping Cart will be saved with Product pictures and information, and Cart Totals. Then send it to yourself, or a friend, with a link to retrieve it at any time.
Your cart email sent successfully :)