Ransomware and HIPAA - Prevent, Prepare, Respond and Recover
Overview:
 |
"This Course is approved for 1 general credit from the Nevada Board Of Continuing Legal Education." |
Overview: This course explains treacherous Ransomware threats attacking the Healthcare Industry and how to prevent, prepare for, respond to and recover from a Ransomware attack. It covers HIPAA Rules that apply to Ransomware, compliance with the HIPAA Rules and how to conduct a HIPAA Breach Risk Assessment to prove a Ransomware attack did not result in a Breach of Unsecured Protected Health Information (PHI) - a violation of the HIPAA Privacy Rule.
Why should you Attend:
- Ransomware including new, more treacherous varieties used by cyber-criminals to attack the Healthcare Industry
- HIPAA Rules that apply to Ransomware attacks
- "Social Engineering" tricks criminals use to sneak Ransomware into Electronic Information Systems
- What to do if your organization suffers a Ransomware attack
- Best practices to:
- Prevent
- Prepare
- Respond
- Recover from Ransomware Attacks
- How to do a HIPAA Breach Risk Assessment to determine if a Ransomware attack resulted in a HIPAA Breach - or not - if the assessment demonstrates a low probability of compromise to PHI
- What the HIPAA Breach Notification Rule requires when a Ransomware attack does result in a Breach of Unsecured PHI
- The interconnected roles and responsibilities of Covered Entities and BAs under the HIPAA Breach Notification Rule concerning Ransomware attacks
Areas Covered in the Session:
- Introduction - Course Agenda and Objectives
- What is Ransomware?
- Why is the Healthcare Industry a Prime Target?
- HIPAA Law and HIPAA Rules that apply to Ransomware Attacks
- Covered Entity - Business Associate Relationship, Responsibilities, Interdependent Liabilities
- What to Do if (when) your organization suffers a Ransomware Attack
- Preliminary Description - HIPAA Breach Risk Assessment
- Best Practices to Prevent a Ransomware Attack
- How to Prepare for a Ransomware Attack
- How to Respond to a Ransomware Attack
- To pay or not to pay?
- Law Enforcement
- How to Recover from a Ransomware Attack
- How to do a HIPAA Breach Risk Assessment - Demonstration
- What to do if the Ransomware Attack caused a HIPAA Breach
- Step-by-Step Breach Notification Requirements
- Documentation
- Notifications - Fewer than 500 Individuals affected
- Notifications - More than 500 Individuals affected
- Questions, Answers, Discussion
Who Will Benefit:
- C-Suite Executives
- HIPAA Compliance Official
- HIPAA Privacy Officer
- HIPAA Security Officer
- Information Technology Supervisor
- Practice Manager
- Office Manager
- Risk Manager
- Compliance Official
- Healthcare Providers - e.g. Dentist, Optometrist, Chiropractor, Physical Therapist, Podiatrist, Physician
Speaker Profile
Paul R. Hales, J.D. is widely recognized for his expert knowledge and ability to explain the HIPAA Rules clearly in plain language. Paul is an attorney licensed to practice before the Supreme Court of the United States and a graduate of Columbia University Law School with an international practice in HIPAA privacy and security. He is the author of all content in The HIPAA E-Tool®, an Internet-based, complete HIPAA compliance solution with separate editions for Covered Entities, Business Associates, Health Plans and Third Party Administrators.