Cyber Attack – Quick Response Solutions
A recent report by Radware revealed that the average healthcare organization incurs an estimated cost of 1.4 million from cyber attacks. [1] With cyber attacks on the healthcare industry increasing, the U.S. Department of Health & Human Services (HHS) Office for Civil Rights (OCR) has formulated a plan to be followed by any entity falling under HIPAA. The devised checklist also covers the Business Associates (BA) of these HIPAA covered entities. These HHS-published lists are commonly known as the HIPAA Privacy Rule and the HIPAA Security Rule.
HIPAA Privacy Rule
* Also called Standards for Privacy of Individually Identifiable Health Information
* The Privacy Rule contains the national standards to be followed by HIPAA entities and their BA for the protection of certain kinds of health information
HIPAA Security Rule
* Also called Protection of Electronic Protected Health Information
* The Security Rule of HIPAA establishes a set of national security standards for protecting health data stored or transferred in digital form
This guide is a must for all HIPAA covered entities and their business associates. To learn about incident handling and incident response, take a look at EC-Council Certified Incident Handler (E|CIH). It is a specialist-level program that trains you on what must be done after a security breach to reduce its impact and further complications. The program also focuses on keeping financial and reputational consequences to a minimum.
Sources:
[1] https://www.radware.com/ert-report-2018/
https://www.hhs.gov/hipaa/for-professionals/security/laws-regulations/index.html