4.2 C
New York
Saturday, February 24, 2024

Reflecting on Cybersecurity Consciousness Month

Cybersecurity, HHS Office for Civil Rights , CyberSecurity Month Because the Director of the Workplace for Civil Rights (OCR) on the U.S. Division of Well being and Human Companies (HHS), I’m happy with my staff’s work in direction of growing cybersecurity consciousness final month, and actually, each month. OCR enforces the Well being Insurance coverage Portability and Accountability Act’s (HIPAA) Privateness, Safety, and Enforcement Guidelines to guard people’ well being data non-public and safe.

To maintain people’ protected well being data protected, a company will need to have sturdy cybersecurity measures. When a HIPAA regulated entity understands and has good cybersecurity practices in place, this lowers the chance of protected well being data changing into compromised. To advertise these good practices, OCR provides sources to the general public and coated entities that handle trending cybersecurity matters. Though sturdy cybersecurity habits must be year-round, OCR celebrated October’s Cybersecurity Consciousness Month with gusto within the following methods:

  • Useful resource Paperwork on Telehealth: OCR issued two useful resource paperwork to advertise cybersecurity in telehealth for various audiences.
  • Publication on Sanctions Insurance policies: OCR continuously publishes Cybersecurity Newsletters to maintain the general public knowledgeable of probably the most up-to-date cybersecurity matters. In October, OCR put out a publication on “How Sanction Insurance policies Can Help HIPAA Compliance”. A company’s sanction insurance policies might be an essential software for supporting accountability and enhancing cybersecurity and knowledge safety. The publication relayed what the capabilities, the content material, and execution of what such a coverage may appear like.
  • Movies on Defending In opposition to Cyber-Assaults: OCR launched two movies, in English and Spanish, on the HIPAA Safety Rule and the way it can assist regulated entities defend in opposition to cyber-attacks. The movies focus on actual world cyber-attack traits, based mostly on OCR’s expertise with its breach experiences and enforcement, together with methods to detect and mitigate widespread cyber-attacks.
  • Settlements: OCR introduced its first ever settlement regarding a ransomware assault. Ransomware is a sort of malware (malicious software program) designed to disclaim entry to a person’s knowledge, often by encrypting the info with a key identified solely to the hacker who deployed the malware, till a ransom is paid. This settlement with a enterprise affiliate highlights how ransomware assaults are more and more widespread and concentrating on the well being care system. 
  • Webinar on Danger Evaluation: To cap off Cybersecurity Consciousness Month, OCR hosted a webinar titled “The HIPAA Safety Rule Danger Evaluation Requirement”, to an viewers of over 4,000 registrants. A threat evaluation is a key and essential step for efficient cybersecurity and HIPAA Safety Rule compliance. This webinar mentioned what’s required to conduct an correct and thorough threat evaluation to protected well being data.
  • Cybersecurity Coaching: All through October, OCR’s eight regional workplaces performed cybersecurity coaching for big hospitals, small medical suppliers, enterprise associates, state well being departments, and state social service businesses to help them in complying with their cybersecurity obligations within the face of adjusting hostile threats.

We encourage your efforts to maintain your group in compliance with HIPAA, and a part of that effort is having sturdy cybersecurity measures. Keep tuned for future OCR bulletins in help of HIPAA and cybersecurity, and please make use of our free cybersecurity sources.

Extra Assets:

Related Articles


Please enter your comment!
Please enter your name here

Latest Articles