Ransomware and HIPAA Training

What is Ransomware?

HIPAA and Prevention

Recovery from Ransomware

Detecting Ransomware

Breaches and Reporting

100

Ransomware is a type of _______ software designed to block access to data.

What is malicious or malware?

100

The HIPAA rule designed to protect electronic protected health information (ePHI).

What is the Security Rule?

100

Frequent _______ are essential to recovering data after a ransomware attack.

What are backups?

100

Clicking on a suspicious _______ can be an early sign of ransomware.

What is a link or file?

100

If ePHI is encrypted by ransomware, this is considered a _______ unless proven otherwise.

What is a breach?

200

Ransomware typically encrypts data and demands payment in _______.

What is cryptocurrency?

200

One key prevention strategy under HIPAA is training employees to detect and report _______.

What is malicious software?

200

Backups should be stored _______ to protect them from ransomware.

What is offline?

200

An unexplained increase in _______ activity can indicate a ransomware attack.

What is CPU or disk?

200

A breach must be reported to affected individuals and this federal agency.

What is the Department of Health and Human Services (HHS)?

300

True or False: Ransomware can also destroy or steal data.

What is True?

300

Limiting access to ePHI is done through _______ controls.

What are access controls?

300

This plan helps organizations prepare for emergencies like ransomware attacks.

What is a contingency plan?

300

Ransomware often alerts the user of its presence to demand _______.

What is payment?

300

he four factors considered in a risk assessment include the extent of the PHI involved, the unauthorized person, whether it was viewed, and _______.

What is the extent to which the risk was mitigated?

400

The key used to decrypt data encrypted by ransomware is known only to _______.

Who are the hackers?

400

Conducting this process helps identify risks and vulnerabilities to ePHI.

What is a risk analysis?

400

Test restorations are conducted to verify the _______ of backed-up data.

What is integrity?

400

These tools can detect suspicious communications between ransomware and hackers.

What are intrusion detection systems?

400

PHI encrypted before an attack and secured according to HIPAA standards may not require _______.

What is breach notification?

500

The most common form of payment requested by hackers in a ransomware attack.

What is Bitcoin?

500

Updating this software can prevent security breaches caused by outdated technology.

What is firmware?

500

The organization responsible for assisting ransomware victims and pursuing cybercriminals.

What is the FBI or Secret Service?

500

The first step in responding to ransomware is activating the _______ plan.

What is a security incident response plan?

500

A reportable breach must also be disclosed to this group if over 500 individuals are affected.

What is the media?