Hackers and other cybercriminals are taking advantage of security weaknesses within healthcare organizations infrastructure. They infiltrate the defenses of the network, encrypt the data and charge the healthcare organization a premium for the key to unlock and retrieve their patient data. Even more insidious are the recent attacks, such as NotPetya, where the hackers were not interested in ransomed, but rather to destroy the data of whatever organization they compromised.
This white paper will help healthcare organizations understand the critical planning components involved in helping their organization to become more resilient to disruptions and adverse events, while maintaining compliance with the contingency plan standard outlined within the Health Information Patient Portability Act (HIPAA) Security Rule.
Developing an IT Contingency Plan
“IT contingency planning refers to a coordinated strategy involving plans, procedures, and technical measures that enable the recovery of IT systems, operations, and data after a disruption.” Within the context of HIPAA, a contingency plan contains the policies and procedures required to protect and recover ePHI after an adverse