Type “EHR” and “information security” into Google and you will find tons of Internet websites, news articles, and even YouTube videos on touting the various plusses and minuses of electronic health records, or EHR. In the last few years, the EHR has become the physician’s best friend, as it helps provide better care, better population health and lower heath care costs. While EHRs might be changing the way hospitals and practice offices operate, there are still issues with using EHRs securely. According to the HHS Office of Inspector General, nearly “60 percent of hospitals participating in the federal meaningful use incentive program reported an unplanned disruption in their record systems in 2014 and 2015.” [Note that the meaningful use program is a federally backed program designed to encourage adoption of EHRs by doctors and hospitals]. It is also important to note that most of the reported unplanned disruptions were caused by hardware failure, not from cyber attacks. While hardware failures are a concern, cyber attacks should also be at the top of the list. Hospitals are facing an increasing number of directed cyberattacks aimed at disrupting and disabling the IT and health record infrastructure.