A robust incident response plan against data breaches should include identification, protection, detection, response and recovery. Companies need to understand their roles in response to breaches and the legal implications. Prevention strategies include regular risk assessments and staff training, sophisticated security platforms, and regularly updating security measures. Effective communication during a breach, swift containment and a comprehensive post-breach evaluation can minimise damage and future risk.
OIG: OCR should expand scope of HIPAA audit program
The HHS Office of Inspector General (OIG) has called for the Office for Civil Rights (OCR) to expand its HIPAA audit program and define audit
