Each day the health care sector is subjected to an onslaught of thousands of ransomware virus attacks which attempt to capture a provider’s IT operations until a ransom is paid to the hacker. Apart from monetary, functional, and civil liability considerations, compromised health systems that contain electronic patient health information could expose a provider to legal liability under multiple HIPAA laws. This article will explore how recent amendments made to HIPAA, particularly under the Omnibus and HITECH Acts, incentivize providers to obtain legal, functional, and policy-based benefits by utilizing off-site data backup business associates as part of their cybersecurity defense strategy in the escalating war against ransomware.
Finding an Unlikely Combatant in the War Against Ransomware: Opportunities for Providers to Utilize Off-Site Data Backup Within the HIPAA Omnibus and Hitech Amendments,
St. Louis U. J. Health L. & Pol'y
Available at: https://scholarship.law.slu.edu/jhlp/vol11/iss2/7