Is an incident involving ransomware a HIPAA breach?
The article below gives some guidance on whether or not it is a breach, though the scope of the incident is a HUGE determination in whether or not it is a breach.
http://www.databreaches.net/when-do-covered-entities-need-to-report-ransomware-incidents-to-hhs/
Basically, an enterprise-wide structured / unstructured ePHI (database, file share / SAN / NAS) ransomware event is certainly a HIPAA breach.
No comments:
Post a Comment