4 Steps Physicians Groups Need to Take After a Cyber Breach
1. Execute incident response and contingency plan
This response plan should be a designed set of instructions that helps physician groups prepare for, detect, respond to, and recover from cyber-related incidents. Such plans are primarily technology driven, covering malware detection, data theft, and service outages, and they also assign responsibilities to departments such as HR, finance, and customer service. In short, a "who does what and when" plan.
2. Report the crime to the appropriate law enforcement
This may include state or local law enforcement, the FBI, or the Secret Service. Swift reporting can help facilitate the recovery of lost funds. Reports should not include PHI unless otherwise permitted under HIPAA.
3. Report all cyber threat indicators to federal agencies and to information-sharing and analysis organizations
Examples include the Department of Homeland Security, the HHS Assistant Secretary for Preparedness and Response, and private-sector cyber threat ISAOs.
4. Report the breach to affected patients and to the Office for Civil Rights (OCR) as soon as possible
If the breach affects 500 or more patients, the practice must notify affected patients, OCR, and the media no later than 60 days after discovery of the breach, unless law enforcement has requested a delay in reporting. If the breach affects fewer than 500 patients, the practice must notify the affected individuals without unreasonable delay, and no later than 60 days after discovery of the breach, and must notify OCR within 60 days after the end of the calendar year in which the breach was discovered.
Contact us today to connect with a cyber expert on our team who can help you make sure you have appropriate coverage and can walk you through the steps you need to take after a cyber breach.