Respond, Report, Assess: OCR Releases Cyberattack Response Checklist

​A recently released checklist from the U.S. Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) outlines what steps must be taken and what steps should be taken in the event of a cyberattack. After a cyberattack occurs, entities must execute mitigation procedures and contingency plans, OCR said. For example, entities must immediately fix any technical issue that helped cause the incident and take steps to mitigate any disclosure of protected health information.