LMC Insurance & Risk Management
  • Home
  • About Us
    • Leadership
    • Nebraska Office
    • Wisconsin Office
  • For Business
    • Property Casualty
    • Employee Benefits >
      • Iowa Health Insurance Pool
      • Share to Compare
    • Financial Services
    • Surety Bonds
    • Risk Management
    • Cyber Security
    • Executive and Owner Risk Management
  • Industries
    • Construction
    • Healthcare
    • Higher Education and Nonprofits
    • Manufacturing
    • Petroleum
  • Personal
  • Blog
  • Online Tools
  • Careers
    • Open Positions
  • Contact Us
  • Home
  • About Us
    • Leadership
    • Nebraska Office
    • Wisconsin Office
  • For Business
    • Property Casualty
    • Employee Benefits >
      • Iowa Health Insurance Pool
      • Share to Compare
    • Financial Services
    • Surety Bonds
    • Risk Management
    • Cyber Security
    • Executive and Owner Risk Management
  • Industries
    • Construction
    • Healthcare
    • Higher Education and Nonprofits
    • Manufacturing
    • Petroleum
  • Personal
  • Blog
  • Online Tools
  • Careers
    • Open Positions
  • Contact Us

Welcome to the LMC Blog

HIPAA cyber attack response checklist

8/1/2017

 
Under the Health Insurance Portability and Accountability Act (HIPAA), a covered entity that experiences a ransomware attack or other cyber-related security incident must take immediate steps to prevent or mitigate any impermissible release of protected health information (PHI). 

The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued a checklist to help HIPAA-covered entities determine the specific steps they must take in the event of a data breach.

Entities subject to HIPAA should become familiar with the OCR’s checklist and other guidance for handling cyber security breaches involving PHI. These entities should also ensure they have plans for mitigating the effects of breaches.

OCR Quick-response Checklist
In the event of a cyber attack or similar emergency, a covered entity must do the following:
  • Execute its response and mitigation procedures and contingency plans.
  • Report the crime to appropriate law enforcement agencies.
  • Report all cyber threat indicators to federal and information-sharing and analysis organizations.
  • Report the breach to affected individuals and to the OCR as soon as possible.

Reportable Incidents
HIPAA regulations also require covered entities to report certain cyber-related security incidents to affected individuals, the OCR and other agencies. In general, a reportable breach occurs anytime PHI was accessed, acquired, used or disclosed.
    We're here to help.
    ​1-800-677-1529
    ​
    Email Us
    Follow @lmc_insurance

    Categories

    All
    Compliance
    Construction
    Cyber Security
    Directors And Officers
    Employee Benefits
    Executive Benefits
    Healthcare
    Higher Education
    Human Resources
    Manufacturing
    News
    Personal Insurance
    Property And Casualty
    Risk Management
    Wellness
    Workers Compensation

    Archives

    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017

    While every effort has been taken in compiling this information to ensure that its contents are totally accurate, neither the publisher nor the author can accept liability for any inaccuracies or change circumstances of any information herein or for the consequences of any reliance placed upon it. This publication is distributed on the understanding that the publisher is not engaged in rendering legal, accounting, or other professional advice or services. Readers should always seek professional advice before entering into any commitments.
LMC Insurance & Risk Management
1-800-677-1529

Iowa
4200 University Ave, Suite 200 
West Des Moines, IA 50266-5945
Nebraska
5940 South 118th Circle
Omaha, NE 68137
Wisconsin
708 Heartland Trail, Suite 1000
Madison, WI 53717
Independent Insurance Services  |  Molyneaux Insurance   |  The Friedman Group  |  Agri-Business Insurance Services
Picture
About LMC
Careers
News
For Businesses
For Individuals & Families
Industries
Commercial Insurance
Risk Management
Surety Bonds
Employee Benefits
Healthcare Reform
Financial Services
Online Tools
Life Insurance Quote
Contact Us
 © 2019 LMC Insurance & Risk Management. All rights reserved. Privacy policy.