Shearman & Sterling LLP multinational law firm headquartered in New York City, United States.

Aug 09, 2016

HHS Releases Guidance on Privacy and Security Audits and Ransomware

配信申込

ジャンプリンクテキスト

 

If your organization operates in the healthcare industry, particularly if it qualifies as a covered entity or business associate under the Health Insurance Portability and Accountability Act (HIPAA), you may have noticed the recent flurry of activity from the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR).  First, HHS has recently launched phase two of its three-part audit of compliance with HIPAA privacy, security and breach notification rules.  Second, HHS has provided guidance on ransomware which states that the presence of ransomware is a “security incident,” which triggers breach disclosure obligations.  Organizations subject to HIPAA should review its security incident procedures in light of the upcoming audits and the ransomware guidance and even entities outside the healthcare industry may also benefit from reviewing these guidance documents since other agencies and governmental authorities may follow HHS’s lead in these interpretations.

View full memo, HHS Releases Guidance on Privacy and Security Audits and Ransomware

著者等

Robert Masella

パートナー

M&A

+1 212 848 5125

+1 212 848 5125

ニューヨーク

Benjamin Petersen

アソシエイト

知的財産取引

+1 650 838 3706

+1 650 838 3706

メンローパーク