Healthcare and Ransomware Attacks: Protecting Patient Information, Mitigating Privacy Risks
Determining Reportable Breach, Challenges With Third-Party Vendors
Recording of a 90-minute CLE video webinar with Q&A
This CLE course will offer critical insights into the threat of ransomware attacks on healthcare organizations, and best practices inside counsel should consider while preparing for and responding to these events. The panel will examine recent attacks and the lessons learned from them and will discuss the healthcare entities' vulnerabilities and practices that can reduce the risk.
Outline
- Recent ransomware attacks and lessons learned
- Healthcare entities' vulnerabilities
- Steps to mitigate risk
- HIPAA
- State privacy laws
- Working with third-party vendors
- Reportable breach?
- Best practices to protect against ransomware attacks
Benefits
The panel will review these and other key issues:
- What unique challenges arise for healthcare providers with ransomware attacks?
- What steps should healthcare providers and their counsel take to mitigate the risks of ransomware attacks?
- What are best practices to reduce legal risk and liability when hit with such an attack?
- What challenges do healthcare entities face when working with third-party vendors?
- How does one determine whether a ransomware incident is a reportable breach?
Faculty
Scott T. Lashway
Partner, Co-Leader Privacy and Data Security Practice Group
Manatt, Phelps & Phillips
Mr. Lashway has established himself as one of the nation’s leading cybersecurity and data privacy advisers as... | Read More
Mr. Lashway has established himself as one of the nation’s leading cybersecurity and data privacy advisers as well as a go-to counsel for significant disputes and investigations. Focusing much of his practice on the intersections of law, corporate data and technology, Mr. Lashway is well known for advising clients to anticipate and manage data governance, privacy and security risks across a variety of industries by deftly guiding them through proactive advisory work, incident response and breach investigations, litigation, and government investigations and enforcement actions. His work on cybersecurity and privacy matters dates back two decades and includes a wide variety of matters, including data and IP misappropriation; unauthorized access, acquisition and misuse; hacking; and technology disruptions. While Mr. Lashway represents clients in a large range of industries, he has a significant focus on the healthcare, financial services and technology sectors.
Close
Lindsay B. Nickle
Partner, Vice Chair of the Data Privacy & Cybersecurity Practice
Lewis Brisbois Bisgaard & Smith
Ms. Nickle helps clients by overseeing the process of investigating data security events and interpreting the myriad... | Read More
Ms. Nickle helps clients by overseeing the process of investigating data security events and interpreting the myriad state and federal laws governing data breach response. She also guides clients through regulatory investigations arising from data security incidents. In her role as a breach coach, Ms. Nickle assists her clients with navigating the complex process of responding to the loss, theft or compromise of protected information. Past clients include educational institutions, insurance companies, healthcare providers, accountants, retail merchants, hotels, restaurants, utilities, and governmental entities. In addition, Ms. Nickle assists clients with developing and implementing risk management processes and data security measures related to the receipt and use of confidential, private, and highly sensitive data. She helps clients develop data security programs and draft or refine incident response plans and information governance policies and procedures. Ms. Nickle also assists clients by facilitating data security training and tabletop exercises.
Close