Inside Cybersecurity

March 29, 2024

Daily News

HHS official clarifies breach notification requirements amid 'WannaCry' attack

By Joshua Higgins / May 18, 2017

A Department of Health and Human Services official is highlighting the department’s guidance on ransomware attacks in the aftermath of the “WannaCry” episode affecting international health organizations and other sectors, clarifying when ransomware incidents would require breach notifications and risk assessments.

Iliana Peters, senior adviser for Health Insurance Portability and Accountability Act compliance and enforcement at HHS’ Office of Civil Rights, said at Georgetown Law’s Cybersecurity Law Institute on Wednesday that “we presume a breach has occurred” when an HIPAA...


Log in to access this content.


Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.