Data Breaches in Healthcare: Responding to Skyrocketing Cyber Attacks

Managing Risk, Responding to Breaches and OCR Investigations, Minimizing HIPAA Liability

Recording of a 90-minute CLE webinar with Q&A

This program is included with the Strafford CLE Pass. Click for more information.
This program is included with the Strafford All-Access Pass. Click for more information.

Conducted on Thursday, March 24, 2016

Recorded event now available

or call 1-800-926-7926
Course Materials

This CLE course will provide guidance to healthcare practitioners and in-house counsel on protecting data security in the healthcare industry. The panel will review best practices for breach preparedness and breach response and discuss effective approaches for managing regulatory compliance, litigation risk, and insurance coverage.


Since October 2009, the Department of Health and Human Services has received reports of data breaches involving over 154 million individual health records—over 113 million in 2015 alone. The health care sector has become a favorite target of the most sophisticated criminal hackers, some of whom have the backing of foreign governments.

As the risk of cyber attacks increases, the healthcare industry is simultaneously witnessing increased enforcement activity at both the federal and state level. In May 2014, for example, two prominent medical institutions in New York agreed to a $4.8 million data breach settlement with HHS. Healthcare companies that fall victim to a breach will have to navigate multiple challenges including breach notification requirements, state and federal government investigations, and class action litigation.

Listen as our authoritative panel of attorneys discusses the current threat environment for the healthcare sector and evolving best practices for cybersecurity preparedness. The panel will discuss strategies for regulatory compliance and offer suggestions for responding to OCR investigations and reducing liability risk. The panel will explain the available options for insuring data breach costs and the role insurance plays in effective breach response.



  1. Breach Preparedness Strategies
    1. HIPAA and regulatory compliance
    2. Cyber risk assessments
    3. Vendor management
    4. Cyber Insurance
  2. Responding to the Breach
    1. Effective response planning
    2. PHI reporting and notice obligations
    3. Damage mitigation
    4. Pursuing insurance recovery
  3. Responding to an OCR investigation
    1. Interacting with regulators
    2. Establishing investigation parameters
    3. Data protection


The panel will review these and other key issues:

  • What measures should healthcare providers take to ensure compliance with HIPAA and state law privacy and security requirements?
  • What steps should healthcare providers and their counsel take in response to a data breach to mitigate damages?
  • How to prepare for and appropriately navigate government investigations resulting from a data breach.
  • What types of breach-related costs are covered by cyber insurance?
  • What steps should healthcare companies take after a breach occurs to maximize their insurance recovery?


Joshua Carlson
Joshua Carlson

Joshua Carlson

Mr. Carlson has over 15 years’ experience in data security and data privacy, and provides guidance to companies...  |  Read More

DeNatale, Richard
Richard (Rich) DeNatale

Jones Day

Mr. DeNatale has more than 20 years of experience advising corporate policyholders on insurance claims and coverage...  |  Read More

Todd S. McClelland
Todd S. McClelland

Jones Day

Mr. McClelland advises clients on data breach response and other information security-related issues, including...  |  Read More

Access Anytime, Anywhere

Strafford will process CLE credit for one person on each recording. All formats include course handouts.

To find out which recorded format will provide the best CLE option, select your state:

CLE On-Demand Video