
New Cybersecurity Guidance for Healthcare

Do you ever worry whether you’re doing everything you can to protect your healthcare data from cyber-attacks and stay compliant with HIPAA? If so, you’re not alone. Two new resources can help you strengthen your cybersecurity practices and maintain HIPAA compliance.

OCR Video

The first resource is a video from the Office for Civil Rights (OCR), the agency responsible for enforcing HIPAA. The video provides expert advice on using the HIPAA Security Rule to defend against cyber attacks. The video is also available in Spanish. Topics covered include:

  • OCR breach and investigation trend analysis
    • (e.g., ransomware via hacking has increased 278% over five years, from 2018 to 2022, and is the largest cybersecurity threat facing healthcare today)
  • Common attack vectors
    • (e.g., hacking into network servers and email together account for 85% of the large breaches reported to OCR during 2023 to date)
  • OCR investigations of weaknesses that led to or contributed to breaches
    • (e.g., weak password management and lack of authentication measures)
  • How Security Rule compliance can help regulated entities defend against cyber-attacks

CISA Toolkit

The second resource is a Toolkit created by the Cybersecurity and Infrastructure Security Agency (CISA), the Health Sector Coordinating Council (HSCC), and HHS. The Toolkit provides practical guidance for managing and mitigating cyber risk in the healthcare and public health sector.

The Toolkit includes advice for everyone, from beginners to experts, and covers topics like basic cyber hygiene and multi-layered defense measures.

One example is CISA’s StopRansomware guide. This website includes information, guidance, and other tools to help organizations protect against, prepare for, and respond to ransomware, including new forms of ransomware that keep surfacing. CISA serves as an early warning center whenever it learns of new threats.

This is only one example of the guides from CISA that contain practical steps to strengthen your cybersecurity.

HIPAA Fundamentals

The HIPAA E-Tool® is here to help you stay on track. Whether you need help with Risk Analysis, Security Rule compliance, or HIPAA Training, we’ve got you covered.

Don’t fall behind – call us for answers. We have the resources to protect your healthcare data from cyber threats and keep you HIPAA compliant.


Maggie Hales

Maggie Hales is a lawyer focusing on health information privacy and security. As CEO of ET&C Group LLC she advises health care providers and business associates in 36 states, Canada, Egypt, India and the EU, using The HIPAA E-Tool® to deliver up to date policies, forms and training on everything related to HIPAA compliance.

Copyright © 2023 ET&C Group LLC.
