How to Respond to a Healthcare Data Breach

With hackers targeting healthcare providers for the Protected Health Information (PHI) they hold, data breaches are no longer a probability but an inevitability. In fact, it is now highly probable that healthcare providers and insurers will suffer not just one data breach, but multiple exposures of patient data.

If robust multi-layered cybersecurity defenses are deployed, staff are trained on internal data privacy and security policies, and individuals are trained on how to identify phishing emails, the risk of suffering a data breach can be greatly reduced. The risk cannot, however, ever be reduced to zero.

It is therefore vital for HIPAA-covered entities to develop a data breach response plan that can be implemented immediately following the discovery of a cyberattack or malware infection. Being able to respond to a data breach rapidly, and execute a highly efficient response, is likely to reduce the damage caused to the HIPAA-covered entity and to its patients or subscribers.

For an efficient response to be executed, it is essential that the data breach response plan has been tried and tested. All members of staff involved in the breach response must be made aware of their responsibilities, and a plan should exist to enable resources to be diverted to dealing with the breach without significantly impacting the business.

But what should the response to a healthcare data breach be? To find out, take a look at the infographic below. It summarizes a standard breach response to a cyberattack or malware infection, and details some of the steps that should be taken to mitigate risk quickly and reduce fallout.

[Infographic: How to Respond to a Healthcare Data Breach]

Author: HIPAA Journal

HIPAA Journal provides the most comprehensive coverage of HIPAA news anywhere online, in addition to independent advice about HIPAA compliance and the best practices to adopt to avoid data breaches, HIPAA violations and regulatory fines.
