Healthcare has been the most affected industry by ransomware, data breaches, and hacks. Every week there is news of yet another provider that has been hacked. In multiple cases, this has led to practices shutting down, and patients not even able to get their medical records. The guidance provided to many providers has not specifically addressed what organizations need to do to protect their patients and themselves. There has not been a specific list and toolset they can use to protect themselves, especially against the onslaught of attacks that take advantage of decreased security due to COVID-19.
In addition, there have been many snake oil companies out there that have only provided risk assessments, costing smaller providers tens of thousands of dollars, while not delivering anything of value. We want to change that and provide maximum value and immediate returns.
We want people to take what we've developed and released here and use it as guidance for developing their own information security programs at small practices while not wasting money for info they will not use. Our families and friends use these providers and give them their most personal information. We want to make sure that we give back. If we stop at least one attack and protect the information of those patients with this information, it's worth it.
Instead of a toolkit that is meant to demonstrate exploits, or a framework that takes a long time to implement, we're giving something that anyone can use to help their local providers out in securing the information their patients entrust them with.