FACT SHEET: Ransomware and HIPAA

Citation
Department of Health and Human Services Office for Civil Rights (OCR), FACT SHEET: Ransomware and HIPAA (Aug. 2016) (full-text).

Overview
This document describes ransomware attack prevention and recovery from a healthcare sector perspective, including the role the Health Insurance Portability and Accountability Act of 1996 (HIPAA) has in assisting HIPAA covered entities and business associates to prevent and recover from ransomware attacks, and how HIPAA breach notification processes should be managed in response to a ransomware attack.