Need Assistance?

Would you like more assistance regarding EHR Selection and Contracting strategies or support in using any of the included resource sets?

Request Support

Upcoming Events

HITEQ On the Horizon: Environmental Preparedness for Health Centers (5/21/2024 1:00 PM - 2:00 PM (UTC-05:00) Eastern Time (US & Canada))
HITEQ On the Horizon: What is the future of AI in Health Centers? Collection (6/4/2024 12:00 PM - 1:00 PM (UTC-05:00) Eastern Time (US & Canada))
Digital Health Strategy to Enable Comprehensive Care: Digital Health in Action- Use Cases and Success Stories (6/27/2024 12:00 PM - 1:30 PM (UTC-05:00) Eastern Time (US & Canada))

The Quadruple Aim

: A Conceptual Framework
Improving the U.S. health care system requires four aims: improving the experience of care, improving the health of populations, reducing per capita costs and improving care team well-being. HITEQ Center resources seek to provide content and direction aligned with the goals of the Quadruple Aim
Learn More >

Overview

This section provides guidance to understand the key contract terms involved in negotiating the vendor contract. It is critical to negotiate a vendor contract that takes into account the unique circumstances of your center and incorporates flexibility to meet your reporting needs. Guidance is offered related to indemnification, warranties and disclaimers, liability, dispute resolution, termination and migration, and access to and use of the EHR data.

Purchasing EHR

Strategic Cybersecurity Breach Protection and Incident Response

HITEQ Center / Tuesday, October 29, 2019

/ Categories: Privacy and Security, Privacy & Security Best Practices, HIPAA, Security Risk Analysis, Breach Mitigation & Response

Strategic Cybersecurity Breach Protection and Incident Response

Guidance and Resources for Health Centers

General cybersecurity guidance would suggest that Health IT breach should not be considered a matter of “if”, but rather a matter of “when”. How an organization prepares and responds to an episode of breach is just as important as defending itself from breach. Unfortunately, Health Centers are perceived as a domain with high potential for data breach, and consequently it is critical for Health Center leadership to embrace breach mitigation and incident response planning across their entire organization vs being a matter to be addressed by their Health IT team. Breach can occur through both internal and external network leaks, through malware such as ransomware and through physical means on site. This is Part 2 of the Health Center Defense Against the Dark Web presentation series. This presentation provides general knowledge about breach mitigation and planning strategies for incident response.

Access the presention, as well as several other helpful references and resources below!

Print

26268

Tags: HIPAA NIST cybersecurity secure messaging passwords password policy authentication security measures cybersecurity defender

Intended Audience

Health Center IT Leadership, All Health Center Staff, Health IT Staff, Privacy & Security Staff

Documents to download

HITEQ Presentation: Defense against the Dark Web (.pptx, 3.77 MB) - 3825 download(s)
Presented in 2019.
Cybersecurity Incident & Vulnerability Response Playbooks(.pdf, 1.1 MB) - 1461 download(s)
Published by CISA in 2021
Tabletop Exercise Package for Ransomware(.docx, 3.74 MB) - 1488 download(s)
Published by CISA in 2020.
Sample-Individual-HIPAA-Breach-Notice-Letter(.docx, 19.42 KB) - 3 download(s)

Resource Links

NIST Computer Security Incident Handling GuideComputer security incident response has become an important component of information technology (IT) programs. Because performing incident response effectively is a complex undertaking, establishing a successful incident response capability requires substantial planning and resources. This publication assists organizations in establishing computer security incident response capabilities and handling incidents efficiently and effectively.
......Health Center Defender Against the Dark Web

Related Resources

Acknowledgements

This resource collection was compiled by the HITEQ Center staff with guidance from HITEQ Advisory Committee members and collaborators of the HITEQ Center.