Ransomware and HIPAA - Prevent, Prepare, Respond and Recover

Instructor: Paul R. Hales
Webinar Id: 800970

Duration: 60 Minutes

  • Recorded
  • Only for one participant ?
  • Price $179.
  • Corporate Recorded
  • Any number of participants ?
  • Price $379.


"This Course is approved for 1 general credit from the Nevada Board Of Continuing Legal Education."

Overview: This course explains treacherous Ransomware threats attacking the Healthcare Industry and how to prevent, prepare for, respond to and recover from a Ransomware attack. It covers HIPAA Rules that apply to Ransomware, compliance with the HIPAA Rules and how to conduct a HIPAA Breach Risk Assessment to prove a Ransomware attack did not result in a Breach of Unsecured Protected Health Information (PHI) - a violation of the HIPAA Privacy Rule.

Why should you Attend:
  • Ransomware including new, more treacherous varieties used by cyber-criminals to attack the Healthcare Industry
  • HIPAA Rules that apply to Ransomware attacks
  • "Social Engineering" tricks criminals use to sneak Ransomware into Electronic Information Systems
  • What to do if your organization suffers a Ransomware attack
  • Best practices to:
    • Prevent
    • Prepare
    • Respond
    • Recover from Ransomware Attacks
  • How to do a HIPAA Breach Risk Assessment to determine if a Ransomware attack resulted in a HIPAA Breach - or not - if the assessment demonstrates a low probability of compromise to PHI
  • What the HIPAA Breach Notification Rule requires when a Ransomware attack does result in a Breach of Unsecured PHI
  • The interconnected roles and responsibilities of Covered Entities and BAs under the HIPAA Breach Notification Rule concerning Ransomware attacks

Areas Covered in the Session:
  • Introduction - Course Agenda and Objectives
  • What is Ransomware?
  • Why is the Healthcare Industry a Prime Target?
  • HIPAA Law and HIPAA Rules that apply to Ransomware Attacks
  • Covered Entity - Business Associate Relationship, Responsibilities, Interdependent Liabilities
  • What to Do if (when) your organization suffers a Ransomware Attack
    • Preliminary Description - HIPAA Breach Risk Assessment
  • Best Practices to Prevent a Ransomware Attack
  • How to Prepare for a Ransomware Attack
  • How to Respond to a Ransomware Attack
    • To pay or not to pay?
    • Law Enforcement
  • How to Recover from a Ransomware Attack
  • How to do a HIPAA Breach Risk Assessment - Demonstration
  • What to do if the Ransomware Attack caused a HIPAA Breach
  • Step-by-Step Breach Notification Requirements
    • Documentation
    • Notifications - Fewer than 500 Individuals affected
    • Notifications - More than 500 Individuals affected
  • Questions, Answers, Discussion

Who Will Benefit:
  • C-Suite Executives
  • HIPAA Compliance Official
  • HIPAA Privacy Officer
  • HIPAA Security Officer
  • Information Technology Supervisor
  • Practice Manager
  • Office Manager
  • Risk Manager
  • Compliance Official
  • Healthcare Providers - e.g. Dentist, Optometrist, Chiropractor, Physical Therapist, Podiatrist, Physician

Speaker Profile
Paul R. Hales received his Juris Doctor degree from Columbia University Law School and is licensed to practice law before the Supreme Court of the United States. He is an expert on HIPAA Privacy, Security, Breach notification and Enforcement Rules with a national HIPAA consulting practice based in St. Louis. Paul is the author of all content in The HIPAA E-Tool, an Internet-based, Software as a Service product for health care providers and business associates.

You Recently Viewed