This Tip Sheet specifically addresses how cyber insurance coverage can support health centers in meeting their obligations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to respond to security incidents and to report breaches.This Tip Sheet provides a review of the following HIPAA requirements:
- Security Incidents and Incident Response • Breach Determination
- Breach Reporting
- Responding to Investigations, Compliance Reviews and Lawsuits
Each section also includes suggested “key terms” to be included in a cybersecurity insurance policy and “key questions” what to ask your insurance carrier or broker.
This Tip Sheet was supported by the Health Resources and Services Administration (HRSA) of the U.S. Departmentof Health and Human Services (HHS) as part of an award totaling $6,625,000 with 0 percentage financed with nongovernmental sources. The contents are those of the author(s) and do not necessarily represent the official views of, nor an endorsement, by HRSA, HHS, or the U.S. Government. For more information, please visit HRSA.gov.