U.S. health care organizations of all types as well as other entities in the health care industry face intensifying cybercrime threats, particularly in the form of ransomware attacks. Ransomware is a serious form of cyber extortion that employs malware to prevent users from accessing their systems or data, either by locking the system or encrypting critical files until a ransom is paid. The hacker holds the key to unlock the system and usually demands payment in cryptocurrency.
Health care clients turn to Epstein Becker Green’s Privacy, Cybersecurity, and Data Asset Management team to help protect them from constant cyber threats from hackers, employees, and other malicious actors. Our attorneys are thought leaders in anticipating cyberattacks and designing effective strategies to combat and respond to these threats. We partner with our clients to protect all their sensitive data, including personal data, proprietary data, emerging technologies, and trade secrets. Clients value our ability to translate regulatory standards requiring reasonable and effective cybersecurity measures into practical solutions and programs consistent with risk and operational needs.
- Review and update cybersecurity policies and procedures
- Prepare incident response protocols
- Counsel on business continuity strategies
- Analyze contracts to ensure appropriate allocation of risk
- Review cybersecurity insurance policies for appropriate coverage
- Provide live or virtual trainings
- Conduct vulnerability scanning and penetration testing
- Conduct “tabletop” preparedness exercises
- Establish and convene a Security Event Response Team to investigate and respond
- Engage a cybersecurity forensics firm under privilege
- Provide counsel on carrying out business continuity plans
- Establish protocols and provide support when notifying law enforcement authorities and other regulators
- Counsel clients on the payment of ransom to threat actors
- Defend clients in disputes