- Dates: November 17, 2016
- Time: 8:30 AM - 12:30 PM (Mountain Time MST)
- Location: Virtual (online)
- Presentation Length:
- On Demand available: November 18, 2016 at 12:30PM MST *
- Author: Paul R. Hales, JD
• Ransomware is malicious, criminal software that targets critical electronic health information systems maintained by a Covered Entity (Health Care Provider, Health Plan or Health Care Clearinghouse) or a Business Associate for the purpose of extortion. It is the fastest growing and most dangerous threat to the security of health information in the United States. The U. S. Department of Justice reports more than 4,000 Ransomware attacks have occurred daily since January 1, 2016 – a 300 % increase from 1,000 daily attacks in 2015.
• On July 11, 2016 the U. S. Department of Health and Human Services declared a Ransomware attack that encrypts Electronic Protected Health Information (EPHI) maintained by a Covered Entity or Business Associate is presumed to be a HIPAA Breach – unless the Covered Entity or Business Associate is able to conduct a Breach Risk Assessment defined by the HIPAA Breach Notification Rule that demonstrates a “low probability the PHI was compromised”. The Breach Notification Rule describes the factors that must be applied to determine the level of compromise of PHI resulting from a Ransomware attack.
• Ransomware and describe the newest varieties of Ransomware that are being used by cyber-criminals.
• Best practices to prevent and defend against Ransomware attacks.
• What to do if your organization suffers a Ransomware attack.
• Demonstrate how to do a HIPAA Breach Risk Assessment to determine if the Ransomware attack resulted in “low probability of Compromise to the PHI”.
• Demonstrate what the HIPAA Breach Notification Rule requires when a Ransomware attack did result in a Breach.
The virtual workshop will explain the interconnected roles and responsibilities of Covered Entities and Business Associates under the HIPAA Breach Notification Rule regarding Ransomware attacks.
Register Today! Select a date below:
About The Author
Paul R. Hales, JD
Paul R. Hales is an attorney at law with a Juris Doctor degree from Columbia University Law School. He is licensed to practice before the Supreme Court of the United States. Mr. Hales manages a national consulting firm focused on compliance with HIPAA Privacy, Security and Breach Notification Rules. He is the author of all content in the HIPAA Manager, a complete Software as a Service product available to Covered Entities and Business Associates on the Internet.
Can't Attend Live? Available 'On-Demand' November 18th
- Get access to the author-recorded webinar broadcast
- Ipod/iphone video, and presentation slides
- Includes electronic workbook
- Learn at your own pace, with the ability to pause or re-watch parts
Already subscribed? Log in
*On demand and virtual workshops are for single person use only and may not be rebroadcast,
retransmitted, shared or disseminated. A computer with a high speed Internet connection
and speakers (or headphones) is recommended to connect to the event.