Cybersecurity Incident Prevention for Pediatric Practices
Worried about your practice’s cybersecurity? Read on to learn what you can do to prepare for and prevent a security breach at your practice.
Please Note: This article should not be taken as legal advice. Reach out to legal counsel to understand your rights and responsibilities.
Prepare for Emergencies
Learn what you can do to prepare for a data breach or other emergencies.
Consider Your Practice’s Unique Circumstances:
Every practice is unique, from physical location to networking. As part of your HIPAA security assessment, you’ll identify potential breach pathways, and make a plan for each unique situation. You can learn more about HIPAA here.
Know Who to Trust:
Only take advice from vetted, expert resources. PCC recognizes the US Department of Health and Human Services as a trusted source for the most up-to-date information on HIPAA practices.
Create a Security Plan:
- Know what you’ll do in case of an emergency, physical or digital (HIPAA Security Plan).
- Know who will take what action in the event of a breach.
- Know in what circumstances you would turn off or leave on devices and wireless networks.
- Have a plan for other types of emergencies that could affect patient care or access to your data.
Train On and Practice Emergency Protocols:
Train your staff and rehearse your emergency protocols so that everyone knows what to do and can remain calm in case of a real emergency.
Take Steps to Prevent a Breach
Planning, training, and staying informed are key steps to preventing a breach.
- Follow guidance from trusted sources, such as the US Department of Health and Human Services.
- Uphold data security best practices for your pediatric office.
- Take action on these tips for improving cybersecurity for your practice.
In the Event of a Breach
If a breach happens, remain calm and follow your security plan.
Remain Calm:
Don’t let bad actors take advantage of heightened emotions. Reduce the potential for mistakes by calmly working through what needs to be done.
Follow Your HIPAA Security Plan:
You already named a security officer for your practice and did the work of creating a security plan during preparation. Follow each applicable step in your security plan. Depending on the circumstances, this might include contacting your legal counsel or local authorities.
Think Critically:
Only collaborate with trusted vendors. If something sounds too good to be true, it probably is.
Comply with Regulations:
Follow the recommendations of trusted sources and regulatory bodies, such as the US Department of Health and Human Services. For example:
- Main page: Breach Notification Rule | HHS.gov
- Submitting a breach: Submitting Notice of a Breach to the Secretary | HHS.gov
