The most recent OCR Cybersecurity Newsletter provides guidance on HIPAA Security Rule security incident procedures. According to the Office for Civil Rights (OCR), there has been a 42% increase in cyber-attacks for the first half of 2022 compared to 2021 and a 69% increase in cyber-attacks in the health care sector. Most breaches result from hacking/IT incidents.
The OCR suggests that a timely response to a cybersecurity incident is the best way to prevent harm. Specifically, companies should
- Form a security incident response team
- Identify security incidents
- Respond to security incidents
- Mitigate harmful effects of a security incident
- Document the incident
- Understand breach reporting obligations
The OCR Cybersecurity Newsletter presents guidance on each topic and provides useful information for employers to help prepare for and respond to security incidents. The Newsletter may be accessed by clicking here.
