Ransomware is a type of malicious software, or “malware,” that encrypts files on your device or computer and then demands payment in exchange for the key needed to decrypt the files. It essentially locks you out of your data and holds the means of regaining access for ransom.
In recent months, large Canadian institutions such as universities and hospitals have reported having their computer networks or systems attacked by some form of ransomware. Clearly, this software has become an increasingly common and serious threat to the security of electronic records. To help public organizations and healthcare facilities protect themselves, we have published a new technology fact sheet outlining various strategies for protecting information and how to respond to an attack.
We recommend a number of administrative and technological approaches organizations may take to help meet their legislative requirements as outlined in Ontario’s freedom of information and privacy laws. These approaches include employee training, limiting user privileges, software protections and more.
This fact sheet is the first in a new series to provide institutions and organizations with information about how new and emerging technologies may affect the privacy and access rights of individuals. Each fact sheet will introduce the basic concepts and techniques of a particular technology and outline key issues to consider.