The U.S. Department of Health and Human Services published a quick-response checklist for entities involved in a cyber-attack. The Checklist explains what to do during a ransomware attack or other cyber-related security incident. The main steps are outlined below but we strongly recommend downloading the form to ensure you are able to handle an attack.
In the event of a cyber-attack or similar emergency an entity:
- Must execute its response and mitigation procedures and contingency plans
- Should report the crime to other law enforcement agencies
- Should report all cyber threat indicators to federal and information-sharing and analysis organizations
- Must report the breach to OCR as soon as possible, but no later than 60 days after the discovery of a breach affecting 500 or more individuals