In another unfortunate trend for Ohio in 2024, Wood County had experienced a ransomware attack that has prevented them from accessing their electronic records management system. As seen in the article found here, while the attack is not impacting public services, the county is resorting to using pen and paper to record emergency calls as well as preventing them from accessing historical police records.
Just like water or a fire damaging paper records, your electronic records are vulnerable to disasters and disruptions to business like these cyberattacks. There are several things your office should keep in mind:
- Understand where your records are on your network as well as who has permission to those files. ARMA International has a great article on defining data maps found here. This will also help identify where your vital records are, those records integral to your business operations and should be recovered quickly.
- Have your IT routinely backup your electronic records as well as run updates to system software/antiviruses/network firewalls.
- Provide mandatory cybersecurity training to your office staff to educate them on identifying fraudulent requests and the steps to report on them.
- Clean up electronic records that have met their applicable records retention schedules and are no longer needed. The less files there are on your network, the less files that could be potentially stolen from your office.
- Finally, establish continuity of operations plan (COOP) in place to define the policies and procedures to respond to an emergency or disaster. Have a COOP plan in place will allow a swifter restart of your operations. FEMA has a brief brochure describing a COOP plan found here.