Cybersecurity Newsletters Archive

In 2019, OCR moved to quarterly cybersecurity newsletters. The purpose of the newsletters remains unchanged: to help HIPAA covered entities and business associates remain in compliance with the HIPAA Security Rule by identifying emerging or prevalent issues, and highlighting best practices to safeguard PHI.

Years on this page:   2018 |   2017 | 2016

2018

January 2018 OCR Cybersecurity Newsletter: Cyber Extortion

February 2018 OCR Cybersecurity Newsletter:  Phishing

March 2018 OCR Cybersecurity Newsletter:  Contingency Planning

April 2018 OCR Cybersecurity Newsletter:  Risk Analyses vs. Gap Analyses-What is the difference? UPDATED

May 2018 OCR Cybversecurity Newsletter:  Workstation Security

June 2018 OCR Cybersecurity Newsletter: Software Vulnerabilities and Patching

July 2018 OCR Cybersecurity Newsletter:  Guidance on Disposing of Electronic Devices and Media

August 2018 OCR Cybersecurity Newsletter:  Considerations for Securing Electronic Media and Devices

October 2018 OCR Cybersecurity Newsletter:  National Cybersecurity Awareness Month

2017

January 2017 OCR Cybersecurity Newsletter: Understanding the Importance of Audit Controls - PDF

February 2017 OCR Cybersecurity Newsletter: Reporting and Monitoring Cyber Threats - PDF

April 2017 OCR Cybersecurity Newsletter: Man-in-the-Middle Attacks and HTTPS Inspection Products - PDF

May 2017 OCR Cybersecurity Newsletter: Cybersecurity Incidents will happen… Remember to Plan, Respond, and Report! - PDF

June 2017 OCR Cybersecurity Newsletter: File Sharing and Cloud Computing: What to Consider?

July 2017 OCR Cybersecurity Newsletter: Train Your Workforce, so They Don’t Get Caught by a Phish!

August 2017 OCR Cybersecurity Newsletter: Protecting yourself from potential scammers while being charitable

September 2017 OCR Cybersecurity Newsletter: National Cybersecurity Awareness Month

October 2017 OCR Cybersecurity Newsletter: Mobile Devices and Protected Health Information (PHI)

November 2017 OCR Cybersecurity Newsletter:  Insider Threats and Termination Procedures

December 2017 OCR Cybersecurity Newsletter: Cybersecurity While on Holiday 

2016

February 2016 OCR Cybersecurity Newsletter: Ransomware, Tech Support Scam, and Scam Tracker Tool - PDF

March 2016 OCR Cybersecurity Newsletter: Tips for Keeping PHI Safe, NSA’s Lessons Learned, Malware - PDF

April 2016 OCR Cybersecurity Newsletter: New Cyber Threats and Attacks on the Healthcare Sector - PDF

May 2016 OCR Cybersecurity Newsletter: Is Your Business Associate Prepared for a Security Incident? - PDF

June 2016 OCR Cybersecurity Newsletter: What’s in Your Third-Party Application Software? - PDF

July 2016 OCR Cybersecurity Newsletter: Is your Covered Entity or Business Associate Capable of Responding to a CyberSecurity Incident? - PDF

August 2016 OCR Cybersecurity Newsletter: Do You Know Who Your Employees Are? - PDF

September 2016 OCR Cybersecurity Newsletter: Cyber Threat Information-Sharing - PDF

October 2016 OCR Cybersecurity Newsletter: Mining More than Gold - PDF

November 2016 OCR Cybersecurity Newsletter: What Type of Authentication is Right for you? - PDF

December 2016 OCR Cybersecurity Newsletter: Understanding DoS and DDoS Attacks and Best Practices for Prevention - PDF