The Overlooked Basics
The Overlooked Basics
A summary of what every dental practice owner should know and implement in the day to day operations of their practice.
dentalattorney

Correctly Respond to a Cyber Attack

Correctly Respond to a Cyber Attack

3/6/2018 6:55:49 AM   |   Comments: 0   |   Views: 52
As technological advancements increase daily, our dependence on technology continues to positively correlate with this trend. Practices implement technology to streamline administrative tasks, gather patient data, organize and store patient health records, manage finances, and other tasks to maximize overall profitability.  Unfortunately, the recent influx in technology also positively correlates to an increasing concern: the growing number of cybercriminals.

Cybercriminals increasingly target the healthcare industry due to the wealth of information in patient health record files. After gaining access to patient health records, cybercriminals may personally steal the identity of patients or sell their identities on the dark web. A cyber breach can devastate a healthcare practice. In the event of a cybersecurity breach, a practice should establish a reaction plan to effectively and efficiently respond.

The following steps appear in the U.S Department of Health and Human Services' Office of Civil Rights (OCR) recommendations following a cybersecurity breach for an entity covered under HIPAA.

1. Immediately initiate procedures to resolve the technological failure that permitted the cyberattack.

2. Report the breach to local and federal law enforcement.

3. Inform the Department of Homeland Security, Health and Human Services Assistant Secretary for Preparedness and Response, as well other information-sharing and analysis organizations (ISAOs) of the cyber threat.

4. Immediately notify the OCR of the security breach within 60 days if the data breach affects more than 500 patients. If the breach affects less than 500 patients, the OCR must be notified within 60 days of the termination of the calendar year as well as notify the affected individuals without reasonable delay.

The U.S Department of Health and Human Services' Office of Civil Rights (OCR) will take compliance with this checklist into consideration when conducting their investigation. While the steps listed above indicate best practices in the event of a cybersecurity breach, more action may need to be taken depending on the situation. If you have any questions regarding the post-breach procedures, notify an attorney. 


OBERMAN LAW FIRM 

Stuart J. Oberman, Esq handles a wide range of legal issues for the dental profession including cyber security breaches, employment law, practice sales, OSHA, and HIPAA compliance, real estate transactions, lease agreements, noncompete agreements, dental board complaints, and professional corporations.
 
For questions or comments 
regarding this article 
               please call (770) 554-1400 
           or visit www.obermanlaw.com
 
 Email Emily Calvert at emily@obermanlaw.com to hear Stuart J. Oberman, Esq speak at your next event.

More Like This

Total Blog Activity

731
Total Bloggers
8,856
Total Blog Posts
2,831
Total Podcasts
1,243
Total Videos

Sponsors

Townie Perks

Townie® Poll

Do you rent or own your office space?
  

Site Help

Sally Gross, Member Services
Phone: +1-480-445-9710
Email: sally@farranmedia.com

Follow Dentaltown

Mobile App

WITH DENTALTOWN . . . NO DENTIST WILL EVER HAVE TO PRACTICE SOLO AGAIN®

WWW.DENTALTOWN.COM - WHERE THE DENTAL COMMUNITY LIVES®

9633 S. 48th Street Suite 200 • Phoenix, AZ 85044 · Phone: +1-480-598-0001 · Fax: +1-480-598-3450
©1999-2019 Dentaltown, L.L.C., a division of Farran Media, L.L.C. · All Rights Reserved