The Office for Civil Rights (OCR) recently released guidance entitled “My Entity Just Experienced a Cyber-attack! What Do We Do Now?”
The Checklist is a practical tool for health care entities and outlines several steps to take following a cyber-attack.
According to the Checklist, in the event of a cyber-attack or similar emergency, an entity:
- Must execute its response and mitigation procedures and contingency plans
- Should report the crime to law enforcement agencies
- Should report all cyber threat indicators to federal and information-sharing and analysis organizations (ISAOs)
- Must report breaches to OCR as soon as possible, but no later than 60 days after the discovery of a breach
Of course, these steps are the bare minimum, and there is more to do before, during and after a cyber-attack. Nonetheless, any time OCR issues guidance, it is worth a read.