Skip to main content
U.S. flag

An official website of the United States government

Return to Search

Cybersecurity Newsletters Archive

This is the OCR Cyber Secuirty Newsletter Archive

Final

Issued by: Office for Civil Rights (OCR)

Cybersecurity Newsletters Archive

In 2019, OCR moved to quarterly cybersecurity newsletters. The purpose of the newsletters remains unchanged: to help HIPAA covered entities and business associates remain in compliance with the HIPAA Security Rule by identifying emerging or prevalent issues, and highlighting best practices to safeguard PHI.

Years on this page:   2018 |   2017 | 2016

2018

January 2018 OCR Cybersecurity Newsletter: Cyber Extortion - PDF

February 2018 OCR Cybersecurity Newsletter:  Phishing - PDF

March 2018 OCR Cybersecurity Newsletter:  Contingency Planning - PDF

April 2018 OCR Cybersecurity Newsletter:  Risk Analyses vs. Gap Analyses-What is the difference? - PDF UPDATED

May 2018 OCR Cybversecurity Newsletter:  Workstation Security - PDF

June 2018 OCR Cybersecurity Newsletter: Software Vulnerabilities and Patching - PDF

July 2018 OCR Cybersecurity Newsletter:  Guidance on Disposing of Electronic Devices and Media - PDF

August 2018 OCR Cybersecurity Newsletter:  Considerations for Securing Electronic Media and Devices - PDF

October 2018 OCR Cybersecurity Newsletter:  National Cybersecurity Awareness Month - PDF

 

2017

January 2017 OCR Cybersecurity Newsletter: Understanding the Importance of Audit Controls - PDF - PDF

February 2017 OCR Cybersecurity Newsletter: Reporting and Monitoring Cyber Threats - PDF - PDF

April 2017 OCR Cybersecurity Newsletter: Man-in-the-Middle Attacks and HTTPS Inspection Products - PDF - PDF

May 2017 OCR Cybersecurity Newsletter: Cybersecurity Incidents will happen… Remember to Plan, Respond, and Report! - PDF - PDF

June 2017 OCR Cybersecurity Newsletter: File Sharing and Cloud Computing: What to Consider? - PDF

July 2017 OCR Cybersecurity Newsletter: Train Your Workforce, so They Don’t Get Caught by a Phish! - PDF

August 2017 OCR Cybersecurity Newsletter: Protecting yourself from potential scammers while being charitable - PDF

September 2017 OCR Cybersecurity Newsletter: National Cybersecurity Awareness Month - PDF

October 2017 OCR Cybersecurity Newsletter: Mobile Devices and Protected Health Information (PHI) - PDF

November 2017 OCR Cybersecurity Newsletter:  Insider Threats and Termination Procedures - PDF

December 2017 OCR Cybersecurity Newsletter: Cybersecurity While on Holiday  - PDF

 

2016

February 2016 OCR Cybersecurity Newsletter: Ransomware, Tech Support Scam, and Scam Tracker Tool - PDF - PDF

March 2016 OCR Cybersecurity Newsletter: Tips for Keeping PHI Safe, NSA’s Lessons Learned, Malware - PDF - PDF

April 2016 OCR Cybersecurity Newsletter: New Cyber Threats and Attacks on the Healthcare Sector - PDF - PDF

May 2016 OCR Cybersecurity Newsletter: Is Your Business Associate Prepared for a Security Incident? - PDF - PDF

June 2016 OCR Cybersecurity Newsletter: What’s in Your Third-Party Application Software? - PDF - PDF

July 2016 OCR Cybersecurity Newsletter: Is your Covered Entity or Business Associate Capable of Responding to a CyberSecurity Incident? - PDF - PDF

August 2016 OCR Cybersecurity Newsletter: Do You Know Who Your Employees Are? - PDF - PDF

September 2016 OCR Cybersecurity Newsletter: Cyber Threat Information-Sharing - PDF - PDF

October 2016 OCR Cybersecurity Newsletter: Mining More than Gold - PDF - PDF

November 2016 OCR Cybersecurity Newsletter: What Type of Authentication is Right for you? - PDF - PDF

December 2016 OCR Cybersecurity Newsletter: Understanding DoS and DDoS Attacks and Best Practices for Prevention - PDF - PDF

HHS is committed to making its websites and documents accessible to the widest possible audience, including individuals with disabilities. We are in the process of retroactively making some documents accessible. If you need assistance accessing an accessible version of this document, please reach out to the guidance@hhs.gov.

DISCLAIMER: The contents of this database lack the force and effect of law, except as authorized by law (including Medicare Advantage Rate Announcements and Advance Notices) or as specifically incorporated into a contract. The Department may not cite, use, or rely on any guidance that is not posted on the guidance repository, except to establish historical facts.