« No Network Scanning = Willful Neglect! | Main | Cloud leads to larger and larger data breaches? »

June 09, 2017

HHS WannaCry Guidance Summarized!

You can see the full text of the most recent guidance here. The takeaway from HHS' guidance post WannaCry can be summarized as (1) Contingency Plans (see below); and (2) Network Scans.

My entity just experienced a cyber-attack! What do we do now?
A Quick-Response Checklist from the HHS, Office for Civil Rights (OCR)


Has your entity just experienced a ransomware attack or other cyber-related security incident, and you are wondering what to do now? This guide explains, in brief, the steps for a HIPAA covered entity or its business associate (the entity) to take in response to a cyber-related security incident. In the event of a cyber-attack or similar emergency an entity:

  1. Must execute its response and mitigation procedures and contingency plans...
  2. Should report the crime to other law enforcement agencies...
  3. Should report all cyber threat indicators to federal and information-sharing and analysis
    organizations (ISAOs)...
  4. Must report the breach to OCR as soon as possible, but no later than 60 days after the
    discovery of a breach affecting 500 or more individuals...

OCR considers all mitigation efforts taken by the entity during in any particular breach investigation.

Such efforts include voluntary sharing of breach-related information with law enforcement agencies
and other federal and analysis organizations as described above.

FREE Webinar!
 
Description:
This webinar will summarize the lessons learned by the healthcare industry from WannaCry & perform a postmortem on WannaCry's impact.
  
Date and Time, including Time Zone 
June 15, 2017 2:00 EST

 
Looking for a simplified way to keep up with HIPAA?  For a limited time, we are making available our "Showing HHS Visible, Demonstrable, Evidence" webinar when you sign up for our FREE monthly newsletter

 

Posted at 09:03 AM |

Comments

The comments to this entry are closed.

My Photo

About

NEWSLETTER


  • ACO COMPLIANCE NEWSLETTER

    Join My ACO Mailing List

  • Email Newsletter icon, E-mail Newsletter icon, Email List icon, E-mail List icon
    Sign up for a FREE
    HITECH / HIPAA
    Compliance Newsletter

    Enter your email address

Categories

CC

Tools

  • Google Analytics

Essays and Such

  • HIPAA Survival Guide (PDF)
    Read the HSG in PDF format.
  • HIPAA Survival Guide (online)
    Practical advice for health care practitioners.

  • Search, KM & the Practice of Law

  • Silicon Stories eBook

  • Dirty Little Secret

  • Competitive Advantage

  • Process Patterns

  • Movie Making and Software Development

  • The Missing Factory

  • Architecture: Shack, House or Skyscraper?

  • The Talent Wars

  • Knowledge Management and Infotainment

  • What comes after what comes next?

February 2019

Sun Mon Tue Wed Thu Fri Sat
          1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28    

Archives

More...