OCR Publishes Quick-Response Cyberattack Checklist and Graphic for Healthcare Covered Entities and Business Associates

Cyberattack

compliments of mdmag.com

June 12, 2017. The Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) published on June 8, 2017 via its SecurityList “OCR Quick Response Cyber Attack Checklist and Graphic.” The Checklist is entitled: My entity just experienced a cyber-attack! What do we do now? – A Quick-Response Checklist from the HHS, Office for Civil Rights (OCR).

 

The subject areas in this document, for which important is provided in the document, are:

 

  • “Must execute its response and mitigation procedures and contingency plans.

 

  • “Should report the crime to other law enforcement agencies.

 

  • “Should report all cyber threat indicators to federal and information-sharing and analysis organizations (ISAOs).

 

  • “Must report the breach to OCR as soon as possible, but not later than 60 days after the discovery of a breach affecting 500 or more individuals.”

 

Be sure to read the footnoted information pertaining to these headings, much of which relates to complying with the HIPAA Privacy and Security Rules and the HITECH Act Breach Notification Rule.

 

The Graphic is entitled: Cyber-Attack Quick Response. The Graphic asks: “Experienced a ransomware attack or other cyber-related security incident? This Cyber-Attack Quick Response guide will explain steps that a HIPAA covered entity or its business associate should take to respond.” The Graphic should be reprinted and posted in break rooms, discussed in workforce member meetings, and included as a specific topic in safeguard training sessions. HIPAA Integrity® provides written policies and procedures and guidance for complying with events that are covered in the Checklist and Graphic.

Categories



Archives

  • October 2017 (1)
  • August 2017 (3)
  • July 2017 (1)
  • June 2017 (7)
  • May 2017 (12)
  • April 2017 (10)
  • March 2017 (2)
  • February 2017 (3)
  • January 2017 (4)
  • December 2016 (4)
  • November 2016 (7)
  • October 2016 (7)
  • September 2016 (2)
  • August 2016 (1)
  • July 2016 (3)
  • June 2016 (1)
  • May 2016 (1)
  • April 2016 (8)
  • March 2016 (6)
  • February 2016 (2)
  • December 2015 (1)
  • November 2015 (1)
  • October 2015 (4)
  • September 2015 (1)
  • June 2015 (8)
  • May 2015 (3)
  • April 2015 (2)
  • March 2015 (1)
  • November 2014 (1)
  • September 2014 (15)
  • August 2014 (6)
  • July 2014 (1)
  • June 2014 (13)
  • May 2014 (11)
  • April 2014 (13)
  • March 2014 (6)
  • February 2014 (12)
  • January 2014 (3)
  • December 2013 (1)