BarbriSFCourseDetails
  1. keyboard_arrow_leftBack

Course Details

Course Information
  • smart_display Format

    On-Demand

  • signal_cellular_alt Difficulty Level

  • work Practice Area

    Health

Date & Time
  • event Date

    Wednesday, March 17, 2021

  • schedule Time

    1:00 p.m. ET./10:00 a.m. PT

  • timer Program Length

    90 minutes

Credit Information

  • This 90-minute webinar is eligible in most states for 1.5 CLE credits.

$297.00
CLE
ALL

This CLE course will offer critical insights into the threat of ransomware attacks on healthcare organizations, and best practices inside counsel should consider while preparing for and responding to these events. The panel will examine recent attacks and the lessons learned from them and will discuss the healthcare entities' vulnerabilities and practices that can reduce the risk.

Faculty

Scott T. Lashway
Partner, Co-Leader Privacy and Data Security Practice Group
Manatt Phelps & Phillips LLP

Mr. Lashway has established himself as one of the nation’s leading cybersecurity and data privacy advisers as well as a go-to counsel for significant disputes and investigations. Focusing much of his practice on the intersections of law, corporate data and technology, Mr. Lashway is well known for advising clients to anticipate and manage data governance, privacy and security risks across a variety of industries by deftly guiding them through proactive advisory work, incident response and breach investigations, litigation, and government investigations and enforcement actions. His work on cybersecurity and privacy matters dates back two decades and includes a wide variety of matters, including data and IP misappropriation; unauthorized access, acquisition and misuse; hacking; and technology disruptions. While Mr. Lashway represents clients in a large range of industries, he has a significant focus on the healthcare, financial services and technology sectors.

expand_circle_down Expand to View Full Bio expand_circle_up Collapse Bio
Lindsay B. Nickle
Partner, Vice Chair of the Data Privacy & Cybersecurity Practice
Lewis Brisbois

Ms. Nickle helps clients by overseeing the process of investigating data security events and interpreting the myriad state and federal laws governing data breach response. She also guides clients through regulatory investigations arising from data security incidents. In her role as a breach coach, Ms. Nickle assists her clients with navigating the complex process of responding to the loss, theft or compromise of protected information. Past clients include educational institutions, insurance companies, healthcare providers, accountants, retail merchants, hotels, restaurants, utilities, and governmental entities. In addition, Ms. Nickle assists clients with developing and implementing risk management processes and data security measures related to the receipt and use of confidential, private, and highly sensitive data. She helps clients develop data security programs and draft or refine incident response plans and information governance policies and procedures. Ms. Nickle also assists clients by facilitating data security training and tabletop exercises.

expand_circle_down Expand to View Full Bio expand_circle_up Collapse Bio

Description

The healthcare industry has seen a jump in ransomware attacks over the past year. Since the beginning of COVID-19, hospitals have been particularly vulnerable. A recent report by the FBI, Department of Health and Human Services, and Cybersecurity and Infrastructure Security Agency found that the healthcare industry is at particular risk in the growing cyber attack threat. It warned of "an increased and imminent cybercrime threat" to healthcare providers.

Government agencies are pushing "healthcare providers to ensure that they take timely and reasonable precautions to protect their networks from these threats," including ransomware. Counsel can guide providers in establishing policies and procedures to mitigate privacy and other legal risks while navigating a myriad of privacy laws, including HIPAA and state privacy laws.

Listen as our authoritative panel examines the recent ransomware attacks on healthcare organizations and the lessons learned from these attacks. The panel will discuss the vulnerabilities for healthcare entities and practices that can reduce the risk. The panel will also address issues related to working with third-party vendors and determining whether a ransomware incident is a reportable breach. The panel will offer best practices for protecting against ransomware attacks.

Outline

  1. Recent ransomware attacks and lessons learned
  2. Healthcare entities' vulnerabilities
  3. Steps to mitigate risk
    1. HIPAA
    2. State privacy laws
  4. Working with third-party vendors
  5. Reportable breach?
  6. Best practices to protect against ransomware attacks

Benefits

The panel will review these and other key issues:

  • What unique challenges arise for healthcare providers with ransomware attacks?
  • What steps should healthcare providers and their counsel take to mitigate the risks of ransomware attacks?
  • What are best practices to reduce legal risk and liability when hit with such an attack?
  • What challenges do healthcare entities face when working with third-party vendors?
  • How does one determine whether a ransomware incident is a reportable breach?