The U.S. Department of Health and Human Services published a quick-response checklist for entities involved in a cyber-attack. The Checklist explains what to do during a ransomware attack or other cyber-related security incident. The main steps are outlined below but we strongly recommend downloading the form to ensure you are able to handle an attack.
In the event of a cyber-attack or similar emergency an entity:
- Must execute its response and mitigation procedures and contingency plans
- Should report the crime to other law enforcement agencies
- Should report all cyber threat indicators to federal and information-sharing and analysis organizations
- Must report the breach to OCR as soon as possible, but no later than 60 days after the discovery of a breach affecting 500 or more individuals
Posted on June 15, 2017
Recent Posts
Hacking and Healing: Nation-States, Cyber Attacks, and Healthcare LawHIPAA applies to 3 categories of individuals/entities:Reproductive Rights Attorney: This Is Why Right-Wing Interest Are Attempting To Ban MifepristoneHIPAA applies to 3 categories of individuals/entities:Decades in the Making: 42 CFR Part 2’s Transformation After 50 Years