Business Plan Proposal for Ransomware Support Services (Preparation, Operations and Recovery)

Healthcare organizations are increasingly being targeted for ransomware cyber-attacks. Xtelligent Health IT Security reports that ransomware attacks more than doubled in 2019. The HIPAA Journal reports that healthcare is now the most heavily targeted of all industries. This business plan proposes to define, organize, finance and market a new service line within an existing multi-specialty group with the express purpose of serving the healthcare industry and our community by better preparing physician groups to avoid, survive and recover from these cyber-attacks. Small and medium-sized group practices typically do not have the internal resources to adequately develop a cyber-attack prevention and recovery plan. HIPAA-required security plans do not address these unique and potentially catastrophic events. Without proper preparation, physician groups are easy targets for cyber-criminals. As a large and entrepreneurial multi-specialty group, the clinic is well-positioned to use their history and hard-learned lessons to benefit the medical group practice industry by providing professional services that will educate and equip other medical groups in implementing effective I.T. structures, financial tools, staff awareness, operational safety nets, recovery plans and governmental compliance with required actions.

The new cyber-attack defense business line will be staffed by a combination of Information Technology (I.T.) and Clinic Operations with additional support from the Finance and Compliance departments.