
Cyber Security Guidance Material

In this section, you will find educational materials specifically designed to give HIPAA covered entities and business associates insight into how to respond to a cyber-related security incident.

Cyber Security Checklist and Infographic

This guide and graphic explain, in brief, the steps for a HIPAA covered entity or its business associate to take in response to a cyber-related security incident.

Cyber Security Checklist

Cyber Security Infographic [GIF 802 KB]

Ransomware Guidance

HHS has developed guidance to help covered entities and business associates better understand and respond to the threat of ransomware.

Ransomware

National Institute of Standards and Technology (NIST) Cybersecurity Framework

This crosswalk document identifies “mappings” between NIST’s Framework for Improving Critical Infrastructure Cybersecurity and the HIPAA Security Rule.

NIST Cyber Security Framework to HIPAA Security Rule Crosswalk

OCR Cyber Awareness Newsletters

The Office for Civil Rights issues monthly newsletters to help the regulated community become more knowledgeable about the various security threats and vulnerabilities that currently exist in the healthcare sector, understand what security measures can be taken to decrease the possibility of being exposed by these threats, and learn how to reduce breaches of ePHI.

Newsletter Issue #1

Newsletter Issue #2

Newsletter Issue #3

Newsletter Issue #4

Newsletter Issue #5

Newsletter Issue #6

Newsletter Issue #7

Newsletter Issue #8

Newsletter Issue #9

Newsletter Issue #10

Newsletter Issue #11

Newsletter Issue #12

Newsletter Issue #13

Newsletter Issue #14

Newsletter Issue #15

Sign up for the OCR Security Listserv to receive the OCR Cyber Awareness Newsletters in your email inbox.

Frequently Asked Questions for Professionals - Please see the HIPAA FAQs for additional guidance on health information privacy topics.


Content created by Office for Civil Rights (OCR)
Content last reviewed on June 7, 2017