
People Capabilities In this section you can find Services Banking and Finance Banking and Finance overview Asset & Lease Finance Capital Markets Corporate Debt Leveraged Finance Project, Energy and Infrastructure Finance Real Estate Finance Restructuring and Insolvency Securitization and Structured Finance Trade and Export Finance Competition, Trade and Foreign Investment Competition, Trade and Foreign Investment overview Antitrust and Competition Litigation Dawn Raids Foreign Investment and National Security Law International Sanctions and Export Controls International Trade Law Merger Control Procurement and State Aid Construction and Engineering Construction and Engineering overview Construction Disputes Contracts and Procurement EPC Project Advisory Corporate and M&A Corporate and M&A overview Business Development Companies Capital Markets Corporate Governance International Corporate Reorganizations Joint Ventures Mergers and Acquisitions Private Equity Small Business Investment Companies (SBICs) Venture Capital Corporate Crime Corporate Crime overview Anti-Bribery and Corruption Anti-Money Laundering International Sanctions and Export Controls Regulatory Investigations and Enforcement Data Privacy, Security and Technology Data Privacy, Security and Technology overview Congressional Investigations Cybersecurity Data Privacy Disruptive Technology Electronic and Mobile Commerce Information Law Product Counseling Regulatory Defense and Litigation Technology Transactions and Sourcing Telecom Services Employment, Labor and Pensions Employment, Labor and Pensions overview Corporate Transactions Cross-Border Employment and Pensions Diversity, Pay and Discrimination Employee Benefits and Executive Compensation Employment Employment Litigation Global Mobility and Immigration Labor and Industrial Relations Pensions and Retirement Plans Pensions Risk Transfer and Management Environment and Natural Resources Financial Services Regulation Financial Services Regulation overview Asset Management Business Development Companies Crypto Assets Derivatives Financial Services Disputes and Investigations Funds Small Business Investment Companies (SBICs) Insurance Insurance overview Captives Insurance and Reinsurance Disputes Insurance and Retirement Products, Insurance Distribution Insurance Financing and Capital Markets Insurance M&A, Reinsurance and Restructuring Insurance Regulation and Compliance Insurance Regulatory Investigations and Enforcement Insurance Taxation Insurtech Pensions Risk Transfer and Management Intellectual Property Intellectual Property overview IP Audits and Assessments IP Litigation IP Transactional Patents Trademarks, Trade Dress and Copyrights Trade Secrets Investigations Investigations overview Antitrust and Competition Investigations Congressional Investigations Employment Investigations Internal Investigations National Security Investigations Konexo Konexo overview Legal Services Interim Resourcing Data and Cyber Consulting Legal Team Consulting Litigation and Dispute Resolution Litigation and Dispute Resolution overview Antitrust and Competition Investigations Appellate Class Actions Commercial Litigation Construction Disputes Energy Disputes Environmental, Health and Safety Financial Services Disputes and Investigations Fraud Insurance and Reinsurance Disputes International Arbitration Procurement Disputes Professional Liability Real Estate Disputes Regulatory Investigations and Enforcement Securities Enforcement and Litigation Tax Controversy and Litigation Unclaimed Property Real Estate and Planning Real Estate and Planning overview Commercial Development and Leasing Corporate Real Estate Investment Management and Fund Formation Planning and Environmental Real Estate Disputes Real Estate Finance Living Strategic Contracts Strategic Contracts overview Contract Modernization Outsourcing Strategic Partnerships Tax Tax overview Acquisitions and Restructuring Business Taxation Employee Benefits and Executive Compensation Federal Tax Real Estate Tax Taxation of Financial Transactions and Institutions Tax Controversy and Litigation Transfer Pricing US State and Local Tax VAT/Indirect Taxes Industries Agribusiness, Forestry and Climate Solutions Consumer Consumer overview Food and Beverage Hospitality Luxury Retail and Wholesale Education Energy Energy overview Clean Energy Electric Cooperatives Energy and Commodities Trading Energy Regulatory Hydrogen Nuclear Oil and Gas Power State Energy Regulatory Group Financial Services Financial Services overview Corporate and Investment Banking Payments and Fintech Private Capital Retail Banking and Consumer Finance Governments and Infrastructure Governments and Infrastructure overview Governments and Strategic Projects Infrastructure Public-private Partnerships Transportation Industrials Industrials overview Aerospace, Defense and Security Automotive Chemicals Manufacturing and Industrial Engineering Life Sciences and Healthcare Life Sciences and Healthcare overview Agriculture and Medicinal Cannabis and CBD Healthcare Industrial Biotechnology Medical Devices Pharmaceuticals and Biotechnology Research and Development Vaccines Real Estate Real Estate overview Alternative Assets Multi and Single Family Residential Office and Industrial Real Estate Investment Retail and Mixed Use Sports Sports overview College Athletics Technology & Digital Technology & Digital overview Digital Content Digital Infrastructure Technology Resources Insights Client tools Events and training Business topics About About us Firm leadership Purpose and values Responsible business Community Diversity, equity and inclusion Environment Pro bono Reports Alumni News Mason Howell Sponsorship Careers US careers Applications Why us? Lawyers and partners Business professionals Students and recent graduates Summer Program LLM Extern Program New attorneys Professional Development Offices United States Visit global site Select a local version of the site Angola Asia Austria Belgium Bulgaria Czech Republic Estonia Finland France Germany Hungary Iraq Ireland Italy Jordan Latvia Lithuania Luxembourg Mauritius Mozambique Netherlands Poland Portugal Qatar Romania Saudi Arabia Slovakia South Africa Spain Sweden Switzerland Tunisia United Arab Emirates United Kingdom United States Rest of the world en Select language English The Government Agency That Oversees HIPAA ‘Not Effective’ at Improving Cybersecurity, Report Finds Home About News Home About News The Government Agency That Oversees HIPAA ‘Not Effective’ at Improving Cybersecurity, Report Finds The Government Agency That Oversees HIPAA ‘Not Effective’ at Improving Cybersecurity, Report Finds December 19, 2024 United States United States United States Healthcare Brew Senior Counsel Leslie Bender spoke to Healthcare Brew discussing the rise in cyberattacks against healthcare systems in recent years and why the industry should be using a tool published in February that allows healthcare facilities to conduct self-audits of their cybersecurity standards. The healthcare industry “should be” using the tool to test and audit its own cybersecurity standards, she told Healthcare Brew, adding that “it feels unfair to criticize the OCR for not doing something that it didn’t have the money to do.” “Ransomware attacks on healthcare entities are really treasure troves of incredibly valuable information,” she said. “I think that’s why there are so many cyberattacks that target healthcare entities, and I don’t know how 91 people working for the OCR could prevent that.” The materials on the Eversheds Sutherland website are for general information purposes only and do not constitute legal advice. While reasonable care is taken to ensure accuracy, the materials may not reflect the most current legal developments. Eversheds Sutherland disclaims liability for actions taken based on the materials. Always consult a qualified lawyer for specific legal matters. To view the full disclaimer, see our Terms and Conditions or Disclaimer section in the footer. Services Cybersecurity Key contacts Leslie C. Bender Senior Counsel Washington, DC, United States Latest Insights legal updates Illinois tax increases part two: Digital asset privilege tax, prediction markets, NOL carryover limitations, and more legal updates Georgia’s corporate governance reform: Key changes under HB 1185 legal updates Illinois tax increases part one: Digital services taxes legal updates Consumer Lens - Session 1 \| The Rise of European Class Actions Latest News client news Next stop, public ownership: Eversheds Sutherland advises DfT on GTR transition firm news Eversheds Sutherland strengthens restructuring offering with senior partner appointment firm news Eversheds Sutherland strengthens Commercial Advisory practice with technology partner hire firm news Eversheds Sutherland Advises Powerlaw Corp. on NASDAQ Listing as PWRL Latest Events virtual \| June 02, 2026 Spanish employment law training virtual \| June 09, 2026 UK employment law training virtual \| June 16, 2026 Nordic (Denmark, Finland, Norway and Sweden) employment law training virtual \| June 23, 2026 Introduction to Swiss employment law Tabs Label legal updates June 02, 2026 Illinois tax increases part two: Digital asset privilege tax, prediction ma... legal updates June 02, 2026 Georgia’s corporate governance reform: Key changes under HB 1185 legal updates June 01, 2026 Illinois tax increases part one: Digital services taxes legal updates May 29, 2026 Consumer Lens - Session 1 \| The Rise of European Class Actions Legal notices Terms & conditions Privacy notice Cookies Disclaimer LinkedIn Facebook YouTube Connect Contact us Client login Staff login Subscribe About us About Eversheds Sutherland Purpose and values Responsible business Alumni Insights Client tools Events and training Business topics Careers Sitemap Offices © 2026 Eversheds Sutherland (US) LLP Eversheds Sutherland is the name and brand under which the members of Eversheds Sutherland Limited (Eversheds Sutherland (International) LLP and Eversheds Sutherland (US) LLP) and their respective controlled, managed or affiliated firms and the members of Eversheds Sutherland (Europe) Limited and Eversheds Sutherland (Africa) Limited (each an "Eversheds Sutherland Entity" and together the "Eversheds Sutherland Entities") provide legal or other services to clients around the world. Eversheds Sutherland Entities are constituted and regulated in accordance with relevant local regulatory and legal requirements. The use of the name Eversheds Sutherland, is for description purposes only and does not imply that the member firms or their controlled, managed or affiliated entities are in a partnership or are part of a global entity. The responsibility for the provision of services to the client is defined in the terms of engagement between the instructed firm and the client. For information on Konexo please also see the Legal Notices page of this website ATTORNEY ADVERTISING - Prior results do not guarantee a similar outcome. Unless otherwise indicated, attorneys at Eversheds Sutherland (US) LLP are not certified by the Texas Board of Legal Specialization.

Telemedicine service online video call for doctor to actively chat with patient via remote healthcare consultant software . People can use app to contact doctors for virtual meeting from home .

The Government Agency That Oversees HIPAA ‘Not Effective’ at Improving Cybersecurity, Report Finds

December 19, 2024

United States

Healthcare Brew

Senior Counsel Leslie Bender spoke to Healthcare Brew discussing the rise in cyberattacks against healthcare systems in recent years and why the industry should be using a tool published in February that allows healthcare facilities to conduct self-audits of their cybersecurity standards.

The healthcare industry “should be” using the tool to test and audit its own cybersecurity standards, she told Healthcare Brew, adding that “it feels unfair to criticize the OCR for not doing something that it didn’t have the money to do.”

“Ransomware attacks on healthcare entities are really treasure troves of incredibly valuable information,” she said. “I think that’s why there are so many cyberattacks that target healthcare entities, and I don’t know how 91 people working for the OCR could prevent that.”

The materials on the Eversheds Sutherland website are for general information purposes only and do not constitute legal advice. While reasonable care is taken to ensure accuracy, the materials may not reflect the most current legal developments. Eversheds Sutherland disclaims liability for actions taken based on the materials. Always consult a qualified lawyer for specific legal matters. To view the full disclaimer, see our Terms and Conditions or Disclaimer section in the footer.

Leslie C. Bender

Senior Counsel

Washington, DC, United States

Latest Insights

legal updates
Illinois tax increases part two: Digital asset privilege tax, prediction markets, NOL carryover limitations, and more
legal updates
Georgia’s corporate governance reform: Key changes under HB 1185
legal updates
Illinois tax increases part one: Digital services taxes
legal updates
Consumer Lens - Session 1 | The Rise of European Class Actions

Latest News

Latest Events

virtual | June 02, 2026
Spanish employment law training
virtual | June 09, 2026
UK employment law training
virtual | June 16, 2026
Nordic (Denmark, Finland, Norway and Sweden) employment law training
virtual | June 23, 2026
Introduction to Swiss employment law

Tabs Label

skyscrapers upward view modern city glass buildings corporate architecture

legal updates

June 02, 2026

Illinois tax increases part two: Digital asset privilege tax, prediction ma...

blue-building-windows-angular-168133144_m_flipped

legal updates

June 02, 2026

Georgia’s corporate governance reform: Key changes under HB 1185

Curved building with hexagonal patterned glass

legal updates

June 01, 2026

Illinois tax increases part one: Digital services taxes

legal updates

May 29, 2026

Consumer Lens - Session 1 | The Rise of European Class Actions

Offices

Eversheds Sutherland is the name and brand under which the members of Eversheds Sutherland Limited (Eversheds Sutherland (International) LLP and Eversheds Sutherland (US) LLP) and their respective controlled, managed or affiliated firms and the members of Eversheds Sutherland (Europe) Limited and Eversheds Sutherland (Africa) Limited (each an "Eversheds Sutherland Entity" and together the "Eversheds Sutherland Entities") provide legal or other services to clients around the world. Eversheds Sutherland Entities are constituted and regulated in accordance with relevant local regulatory and legal requirements. The use of the name Eversheds Sutherland, is for description purposes only and does not imply that the member firms or their controlled, managed or affiliated entities are in a partnership or are part of a global entity. The responsibility for the provision of services to the client is defined in the terms of engagement between the instructed firm and the client. For information on Konexo please also see the Legal Notices page of this website
ATTORNEY ADVERTISING - Prior results do not guarantee a similar outcome.
Unless otherwise indicated, attorneys at Eversheds Sutherland (US) LLP are not certified by the Texas Board of Legal Specialization.

The Government Agency That Oversees HIPAA ‘Not Effective’ at Improving Cybersecurity, Report Finds

Services

Key contacts

Latest Insights

Latest News

Latest Events