25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

NRC Health Recovering from Ransomware Attack

Posted By on Feb 24, 2020

NRC Health, a provider of patient survey services and software to more than 9,000 healthcare organizations, including 75% of the largest hospital systems in the United States and Canada, experienced a ransomware attack on February 11, 2020 that affected some of its computer systems.

NRC Health immediately took steps to limit the harm caused and shut down its entire environment, including its client-facing portals. A leading computer forensic investigation firm was engaged to determine the nature and extent of the attack and the incident has been reported to the Federal Bureau of Investigation.

According to the NRC Health website, the data of more than 25 million healthcare consumers in the United States and Canada is collected by NRC Health every year. Patient surveys conducted by NRC Health on behalf of its clients allow them to prove that patients are satisfied with the services they have received. That information is important for helping to improve patient care and also for determining how much Medicare reimbursement healthcare providers receive under the Affordable Care Act. Healthcare clients also used patient satisfaction scores to determine how much executives and physicians get paid.

NRC Health said significant progress has been made restoring its systems and services to customers and a full recovery is expected in the next few days. Notifications have been sent to its healthcare clients informing them about the attack and updates are being provided to clients on a daily basis until the incident is fully resolved. In the notifications NRC Health said the initial findings of the investigation suggest no patient data or sensitive client information has been compromised.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Ransomware attacks on healthcare organizations have increased over the past year, after a fall in attacks in 2018. Several threat groups have taken to stealing patient data prior to the deployment of ransomware to encourage victims to pay the ransom demands. According to a recent analysis by Comparitech, there have been 172 healthcare ransomware attacks since 2016. Those attacks have cost the healthcare industry at least $157 million.

Correction: This article has been updated since publication to correct a factual error. The article incorrectly stated 63,581 patients had been affected.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist