HIPAA Guidance on Reporting Ransomware


According to the Health Insurance Portability and Accountability Act (HIPAA), all ransomware infections need to be reported to the Department of Health and Human Services. An infection is to be handled as a breach because, in the act of encrypting the files, the attacker has acquired them and has impacted the ability to access the data and maintain its integrity.

As always, prevention is better than recovery, but it isn’t always easy. This type of risk can appear to be new, but in reality these threats have been around a long time. It is no different than a disk or storage failure. Therefore, the magic bullet is to have adequate backups of all data and systems, as required by HIPAA. Never store patient health information (PHI) where it cannot be backed up; keep it only in a copy that can be replaced by restoring the data to its pre-encryption state. The best idea is to work only with copies and never with original data.

HHS FACT SHEET (PDF)
Health Leaders Media
SC Magazine