In the latest Delta Risk white paper, which follows our Cyber Security Primer for Healthcare white paper, we take a deeper look at the specific legal obligations that healthcare providers must meet, and how you can build a healthcare cyber security program to meet and exceed compliance responsibilities.
Under the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH), healthcare providers are required to uphold regulatory obligations. Meeting them maintains compliance and helps avoid costly reputational damage, fines, and compromise of electronic protected health information (ePHI).
Delta Risk VP and General Manager Mike McKinley, who contributed to the white paper, noted, “The U.S. Department of Health and Human Services has taken an even tougher stance on covered entities and their business associates recently to meet breach notification requirements or face the possibility of larger settlement payouts. So, this white paper is very timely.”
White Paper Covers Key Takeaways
The white paper, Cyber Compliance Primer for Healthcare (Privacy and Security in Healthcare: 20 Years in the Making), discusses:
- Important takeaways from the OCR’s guidance on handling ransomware attacks
- How to interpret healthcare breach notification rules
- Litigation liability factors for covered entities and business associates
- Board of directors and provider liabilities under HIPAA law
- Federal Trade Commission (FTC) enforcement actions
- Steps your organization can take to respond quickly to reporting requirements