The Department of Health and Human Services Office for Civil Rights (OCR) has developed new resources to explain the steps to take in response to a cybersecurity incident.
The resources — designed for entities covered by the Health Insurance Portability and Accountability Act or their business associates — include a cybersecurity checklist and corresponding infographic. The checklist directs affected organizations on:
- executing response and mitigation procedures and contingency plans;
- reporting the crime to law enforcement agencies;
reporting cyber threat indicators to federal agencies and information-sharing and analysis organizations; and
reporting breaches to OCR as soon as possible, but no later than 60 days after the discovery of a breach affecting 500 or more individuals.
America’s Essential Hospitals has established a resource page dedicated to cybersecurity threats. Visit this page for new and updated information.
Contact Director of Policy Erin O’Malley at firstname.lastname@example.org or 202.585.0127 with questions.