California State Senator Introduces Legislation to Stiffen Penalties for Hackers | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

California State Senator Introduces Legislation to Stiffen Penalties for Hackers

February 22, 2016
by Heather Landi
| Reprints
Click To View Gallery

In the wake of the recent ransomware attack at Hollywood Presbyterian Medical Center that crippled the hospital’s information systems for more than a week, California State Senator Bob Hertzberg has introduced legislation that makes ransomware attacks a crime equivalent to extortion.

According to a press release from Sen. Hertzberg’s office, the proposed bill, SB 1137, outlaws the practice of infecting any computer, system or network with ransomware and states that a person engaged in the activity could be convicted of a felony and be given a sentence of up to four years in prison.

“Nearly every day we read in the news about data breaches and online criminal activity,” Hertzberg said in a statement. “We must be clear that we will not tolerate this kind of conduct, and that using modern tactics to engage in age-old thuggery of ransom and extortion do not change the seriousness of the crime.”

As previously reported by Healthcare Informatics, Hollywood Presbyterian Medical Center announced last Thursday that it had paid the hackers 40 Bitcoins, or about $17,000, to regain control of its computer systems after a ransomware attack Feb. 5 affected the operation of the hospital’s enterprise-wide information system.

HPMC president and CEO Allen Stefanek said in a statement last week that hospital staff noticed issues accessing the hospital’s computer network on Feb. 5 and the hospital’s IT department began an immediate investigation and determined it had been subject to a malware attack.

“The malware locked access to certain computer systems and prevented us from sharing communications electronically. Law enforcement was immediately notified. Computer experts immediately began assisting us in determining the outside source of the issue and bringing our systems back online,” he stated.

Stefanek also said, “The malware locks systems by encrypting files and demanding ransom to obtain the decryption key. The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this.”

Stefanek also said the incident did not affect the delivery and quality of patient care. “Patient care has not been compromised in any way. Further, we have no evidence at this time that any patient or employee information was subject to unauthorized access,” he said.

However, for more than a week, hospital staff could not pull up electronic patient medical records and were registering patients on paper and communicating via fax lines.

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



Adam Boehler Tapped by Azar to Serve as Senior Value-Based Care Advisor

Adam Boehler, currently director of CMMI, has also been named the senior advisor for value-based transformation and innovation, HHS Secretary Alex Azar announced.

Vivli Launches Clinical Research Data-Sharing Platform

On July 19 a new global data-sharing and analytics platform called Vivli was unveiled. The nonprofit group’s mission is to promote, coordinate and facilitate scientific sharing and reuse of clinical research data.

Survey: More Effective IT Needed to Improve Patient Safety

In a Health Catalyst survey, physicians, nurses and healthcare executives said ineffective information technology, and the lack of real-time warnings for possible harm events, are key obstacles to achieving their organizations' patient safety goals.

Physicians Still Reluctant to Embrace Virtual Tech, Survey Finds

While consumers and physicians agree that virtual healthcare holds great promise for transforming care delivery, physicians still remain reluctant to embrace the technologies, according to a new Deloitte Center for Health Solutions survey.

Geisinger, AstraZeneca Partner on Asthma App Suite

Geisinger has partnered with pharmaceutical company AstraZeneca to create a suite of products that integrate into the electronic health record and engage asthma patients and their providers in co-managing the disease.

Analysis: Healthcare Ransomware Attacks Decline in First Half of 2018

In the first half of 2018, ransomware events in major healthcare data breaches diminished substantially compared to the same time period last year, as cyber attackers move on to more profitable activities, such as cryptojacking, according to a new report form cybersecurity firm Cryptonite.