Lately The HHS Office for Civil Legal rights (OCR) shared an extensive listing of sources for just about any HIPAA-controlled entity to enable them to within the prevention, recognition, and minimization of information breaches of protected health information which occurs due to hacking or ransomware.
Like a covered entity or business affiliate under HIPAA compliance, a panic attack in your business may expose unsecured protected health information (PHI). Underneath the HIPAA Breach Notification Rule, you will find reporting needs that you need to stick to.
HIPAA Secure Now can assist you to mitigate the increasing chance of a cybersecurity breach, in addition to maintain HIPAA compliance. Unsure if you are covered? We can assist you to uncover any gaps inside your business structure.
This contains briefs that outline individual threats at length.
HHS Health Sector Cybersecurity Coordination Center Threat Briefs
An overview page are available here.
o January 28, 2021 – ATTACK for Emotet
o March 12, 2021 – New Ryuk Variant Analyst Note
o April 8, 2021 – Ryuk Variants
o May 25, 2021 – Conti Ransomware Analyst Note
o June 3, 2021 – Ransomware Trends 2021
o July 8, 2021 – Conti Ransomware
o July 8, 2021 – Phobos Ransomware Analyst Note
o August 5, 2021 – Qbot/QakBot Ransomware
o August 6, 2021 – Lazio Ransomware Attack Analyst Note
o August 19, 2021 – REvil Update
o August 24, 2021 – OnePercent Group Ransomware Alert
o August 25, 2021 – IOCs Connected with Hive Ransomware Alert
o September 2, 2021 – Demystifying BlackMatter
HHS Sources on Section 405(d) from the Cybersecurity Act of 2015:
- Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients https://world wide web.phe.gov/Readiness/planning/405d/Pages/hic-practices.aspx
- Cybersecurity Reports and Tools https://world wide web.phe.gov/Readiness/planning/405d/Pages/reportandtools.aspx
OCR Guidance:
- Ransomware https://world wide web.hhs.gov/sites/default/files/RansomwareFactSheet.pdf
- Cybersecurity
https://world wide web.hhs.gov/hipaa/for-professionals/security/guidance/cybersecurity/index.html
- Risk Analysis
https://world wide web.hhs.gov/sites/default/files/ocr/privacy/hipaa/administrative/securityrule/rafinalguidancepdf.pdf
 
HHS Security Risk Assessment Tool:
- https://world wide web.healthit.gov/subject/privacy-security-and-hipaa/security-risk-assessment-tool
 
CISA Protecting Sensitive and private Information from Ransomware-Caused Data Breaches:
- https://world wide web.cisa.gov/stopransomware
- https://world wide web.cisa.gov/sites/default/files/publications/CISA_Fact_Sheet-Protecting_Sensitive_and_Personal_Information_from_Ransomware-Caused_Data_Breaches-508C.pdf
 
CISA Ransomware Guide:
- https://world wide web.cisa.gov/sites/default/files/publications/CISA_MS-ISAC_Ransomware%20Guide_S508C_.pdf
 
FBI Ransomware Sources:
- https://world wide web.fbi.gov/scams-and-safety/common-scams-and-crimes/ransomware
- https://world wide web.ic3.gov/Media/Y2019/PSA191002
 
OCR Cybersecurity Newsletters:
- Creating a List and Checking it Two times: HIPAA also it Asset Inventories (Summer time 2020 Cybersecurity e-newsletter): https://world wide web.hhs.gov/hipaa/for-professionals/security/guidance/cybersecurity-e-newsletter-summer time-2020/index.html
- What Went Down to My Data?: Update on Stopping, Mitigating and Answering Ransomware (Fall 2019 Cybersecurity E-newsletter):https://world wide web.hhs.gov/hipaa/for-professionals/security/guidance/cybersecurity-e-newsletter-fall-2019/index.html
- Phishing (Feb 2018 Cybersecurity E-newsletter): https://world wide web.hhs.gov/sites/default/files/cybersecurity-e-newsletter-feb-2018.pdf
- Plan A… B… Contingency Plan! (March 2018 Cybersecurity E-newsletter): https://world wide web.hhs.gov/sites/default/files/march-2018-ocr-cyber-e-newsletter-contingency-planning.pdf
- Cybersecurity Occurrences will happen… Make sure to Plan, Respond, and Report! (May 2017 Cybersecurity e-newsletter): https://world wide web.hhs.gov/sites/default/files/may-2017-ocr-cyber-e-newsletter.pdf
For additional info on our HIPAA compliance and cybersecurity programs, click here.
The publish Cybersecurity Sources for Healthcare made an appearance first on HIPAA Secure Now!.