Knowledge Expansion

Does your practice have a cybersecurity contingency plan?

Insight Article

For physician practices, establishing a contingency plan is vital when attempting to recover electronic protected health information (ePHI) following a cyberattack or other incident that results in data loss.

As part of the Department of Health and Human Services (HHS) 2005 HIPAA Security Rule, physician practices and other HIPAA covered entities must “[e]stablish (and implement as needed) policies and procedures for responding to an emergency or other occurrence … that damages systems that contain electronic protected health information.”

Sign in to access this material

Member Login Become a Member

About the Author

Christian Green
Christian Green MA
MGMA Writer/Editor MGMA