
People Capabilities In this section you can find Services Banking and Finance Banking and Finance overview Asset & Lease Finance Capital Markets Corporate Debt Fintech Leveraged Finance Project, Energy and Infrastructure Finance Real Estate Finance Restructuring and Insolvency Securitization and Structured Finance Trade and Export Finance Competition, Trade and Foreign Investment Competition, Trade and Foreign Investment overview Antitrust and Competition Investigations Antitrust and Competition Litigation Dawn Raids Foreign Investment and National Security Law International Sanctions and Export Controls International Trade Law Merger Control Procurement and State Aid Construction and Engineering Construction and Engineering overview Contracts and Procurement EPC Project Advisory Corporate and M&A Corporate and M&A overview Capital Markets Company Secretarial Services Corporate Governance International Corporate Reorganizations Joint Ventures Mergers and Acquisitions Private Equity Venture Capital Corporate Crime Corporate Crime overview International Sanctions and Export Controls Data Privacy, Security and Technology Data Privacy, Security and Technology overview Cybersecurity Data Privacy Disruptive Technology Electronic and Mobile Commerce Information Law Product Counseling Regulatory Defense and Litigation Technology Transactions and Sourcing Telecom Services Employment, Labor and Pensions Employment, Labor and Pensions overview Corporate Transactions Cross-Border Employment and Pensions Diversity, Pay and Discrimination Early Retirement Plans and RVU Mandatory Sectoral Pension Funds Assessment Pension Fund Governance Pensions and Retirement Plans Pensions Risk Transfer and Management Pensions Scheme Disputes Public Sector Pensions Tax Aspects of Pensions Financial Services Regulation Financial Services Regulation overview Asset Management Crypto Assets Derivatives Financial Services Disputes and Investigations Funds Insurance Insurance overview Insurance and Reinsurance Disputes Insurance and Retirement Products, Insurance Distribution Insurance M&A, Reinsurance and Restructuring Insurance Regulation and Compliance Insurance Regulatory Investigations and Enforcement Insurtech Pensions Risk Transfer and Management Intellectual Property Intellectual Property overview IP Audits and Assessments IP Litigation IP Transactional Patents Trademarks, Trade Dress and Copyrights Trade Secrets Konexo Konexo overview Legal Services Interim Resourcing Data and Cyber Consulting Legal Team Consulting Litigation & Dispute Resolution Litigation & Dispute Resolution overview Class Actions Commercial Litigation Energy Disputes Environmental, Health and Safety Financial Services Disputes and Investigations Insurance and Reinsurance Disputes International Arbitration Real Estate Disputes Real Estate and Planning Real Estate and Planning overview Commercial Development and Leasing Corporate Real Estate Planning and Environmental Planning and Infrastructure Real Estate Disputes Real Estate Finance Living Strategic Contracts Strategic Contracts overview Contract Modernization Outsourcing Strategic Partnerships Tax Tax overview Acquisitions and Restructuring Business Taxation Employee Benefits and Executive Compensation Real Estate Tax Taxation of Financial Transactions and Institutions Tax Controversy and Litigation VAT/Indirect Taxes Industries Consumer Consumer overview Food and Beverage Hospitality and Leisure Luxury Retail and Wholesale Energy Energy overview Clean Energy Energy Regulatory Hydrogen Nuclear Oil and Gas Power Financial Services Financial Services overview Corporate and Investment Banking Private Capital Retail Banking and Consumer Finance Governments and Infrastructure Governments and Infrastructure overview Governments and Strategic Projects Infrastructure Transportation Industrials Industrials overview Aerospace, Defense and Security Automotive Chemicals Manufacturing and Industrial Engineering Life Sciences and Healthcare Life Sciences and Healthcare overview Agriculture and Medicinal Cannabis and CBD Healthcare Industrial Biotechnology Medical Devices Pharmaceuticals and Biotechnology Research and Development Vaccines Real Estate Real Estate overview Alternative Assets Multi and Single Family Residential Office and Industrial Real Estate Investment Retail and Mixed Use Transport Related Real Estate Technology & Digital Technology & Digital overview Digital Content Digital Infrastructure Technology Resources Insights Client tools Events and training Business topics About About us Firm leadership Purpose and values Responsible business Community Diversity and inclusion Environmental sustainability Pro bono Reports Alumni News Careers Global careers Applications Why us? Lawyers and partners Business professionals Students and recent graduates Offices Netherlands Visit global site Select a local version of the site Angola Asia Austria Belgium Bulgaria Czech Republic Estonia Finland France Germany Hungary Iraq Ireland Italy Jordan Latvia Lithuania Luxembourg Mauritius Mozambique Netherlands Poland Portugal Qatar Romania Saudi Arabia Slovakia South Africa Spain Sweden Switzerland Tunisia United Arab Emirates United Kingdom United States Rest of the world en Select language English The Government Agency That Oversees HIPAA ‘Not Effective’ at Improving Cybersecurity, Report Finds Home About News Home About News The Government Agency That Oversees HIPAA ‘Not Effective’ at Improving Cybersecurity, Report Finds The Government Agency That Oversees HIPAA ‘Not Effective’ at Improving Cybersecurity, Report Finds December 19, 2024 United States United States United States Healthcare Brew Senior Counsel Leslie Bender spoke to Healthcare Brew discussing the rise in cyberattacks against healthcare systems in recent years and why the industry should be using a tool published in February that allows healthcare facilities to conduct self-audits of their cybersecurity standards. The healthcare industry “should be” using the tool to test and audit its own cybersecurity standards, she told Healthcare Brew, adding that “it feels unfair to criticize the OCR for not doing something that it didn’t have the money to do.” “Ransomware attacks on healthcare entities are really treasure troves of incredibly valuable information,” she said. “I think that’s why there are so many cyberattacks that target healthcare entities, and I don’t know how 91 people working for the OCR could prevent that.” The materials on the Eversheds Sutherland website are for general information purposes only and do not constitute legal advice. While reasonable care is taken to ensure accuracy, the materials may not reflect the most current legal developments. Eversheds Sutherland disclaims liability for actions taken based on the materials. Always consult a qualified lawyer for specific legal matters. To view the full disclaimer, see our Terms and Conditions or Disclaimer section in the footer. Services Cybersecurity Data Privacy Key contacts Leslie C. Bender Senior Counsel Washington, DC, United States Latest Insights legal updates EU VAT: Loan servicing exemption narrowed in securitizations legal updates Commercially Connected Shorts - 17 June 2026 legal updates Expansion of Dutch FDI screening to six new technologies legal updates EU Pay Transparency Directive: Job evaluation and classification guidelines Latest News client news Advising Trane Technologies on the acquisition of Transport-Kälte-Vertrieb GmbH (TKV) firm news Eversheds Sutherland continues European expansion with further strategic partner hire in project finance client news client news Latest Events virtual \| June 23, 2026 virtual \| July 08, 2026 virtual \| September 10, 2026 in-person \| September 17, 2026 Tabs Label legal updates June 23, 2026 EU VAT: Loan servicing exemption narrowed in securitizations legal updates June 17, 2026 Commercially Connected Shorts - 17 June 2026 legal updates June 17, 2026 Expansion of Dutch FDI screening to six new technologies legal updates June 16, 2026 EU Pay Transparency Directive: Job evaluation and classification guideline... Legal notices Terms & conditions Privacy notice Cookies Whistleblowing List of ES(I) LLP Members LinkedIn Facebook YouTube Connect Contact us Client login Staff login Subscribe About us About Eversheds Sutherland Purpose and values Responsible business Alumni Insights Client tools Events and training Business topics Careers Offices © Eversheds Sutherland 2026. All rights reserved. Eversheds Sutherland is a provider of legal and other services operating through various separate and distinct legal entities. For further information about these entities and Eversheds Sutherlands' structure please see the Legal Notice page of this website. Eversheds Sutherland is the name and brand under which the members of Eversheds Sutherland Limited (Eversheds Sutherland (International) LLP and Eversheds Sutherland (US) LLP) and their respective controlled, managed and affiliated firms and the members of Eversheds Sutherland (Europe) Limited (each an "Eversheds Sutherland Entity" and together the "Eversheds Sutherland Entities") provide legal or other services to clients around the world. Eversheds Sutherland Entities are constituted and regulated in accordance with relevant local regulatory and legal requirements and operate in accordance with their locally registered names. The use of the name Eversheds Sutherland, is for description purposes only and does not imply that the Eversheds Sutherland Entities are in a partnership or are part of a global LLP. The responsibility for the provision of services to the client is defined in the terms of engagement between the instructed firm and the client. For further information about these Eversheds Sutherland Entities and Eversheds Sutherlands’ structure please see the Legal Notices page of this website. For information on Konexo please also see the Legal Notices page of this

Telemedicine service online video call for doctor to actively chat with patient via remote healthcare consultant software . People can use app to contact doctors for virtual meeting from home .

The Government Agency That Oversees HIPAA ‘Not Effective’ at Improving Cybersecurity, Report Finds

December 19, 2024

United States

Healthcare Brew

Senior Counsel Leslie Bender spoke to Healthcare Brew discussing the rise in cyberattacks against healthcare systems in recent years and why the industry should be using a tool published in February that allows healthcare facilities to conduct self-audits of their cybersecurity standards.

The healthcare industry “should be” using the tool to test and audit its own cybersecurity standards, she told Healthcare Brew, adding that “it feels unfair to criticize the OCR for not doing something that it didn’t have the money to do.”

“Ransomware attacks on healthcare entities are really treasure troves of incredibly valuable information,” she said. “I think that’s why there are so many cyberattacks that target healthcare entities, and I don’t know how 91 people working for the OCR could prevent that.”

The materials on the Eversheds Sutherland website are for general information purposes only and do not constitute legal advice. While reasonable care is taken to ensure accuracy, the materials may not reflect the most current legal developments. Eversheds Sutherland disclaims liability for actions taken based on the materials. Always consult a qualified lawyer for specific legal matters. To view the full disclaimer, see our Terms and Conditions or Disclaimer section in the footer.

Leslie C. Bender

Senior Counsel

Washington, DC, United States

Latest Insights

legal updates
EU VAT: Loan servicing exemption narrowed in securitizations
legal updates
Commercially Connected Shorts - 17 June 2026
legal updates
Expansion of Dutch FDI screening to six new technologies
legal updates
EU Pay Transparency Directive: Job evaluation and classification guidelines

Latest News

client news
Advising Trane Technologies on the acquisition of Transport-Kälte-Vertrieb GmbH (TKV)
firm news
Eversheds Sutherland continues European expansion with further strategic partner hire in project finance
client news
client news

Latest Events

virtual | June 23, 2026
virtual | July 08, 2026
virtual | September 10, 2026
in-person | September 17, 2026

Tabs Label

Modern glass building with angular design and teal-tinted windows

legal updates

June 23, 2026

EU VAT: Loan servicing exemption narrowed in securitizations

Looking up downtown skyscrapers urban cityscape perspective

legal updates

June 17, 2026

Commercially Connected Shorts - 17 June 2026

modern office interior glass ceiling architectural lines corporate building

legal updates

June 17, 2026

Expansion of Dutch FDI screening to six new technologies

legal updates

June 16, 2026

EU Pay Transparency Directive: Job evaluation and classification guideline...

Offices

© Eversheds Sutherland 2026. All rights reserved. Eversheds Sutherland is a provider of legal and other services operating through various separate and distinct legal entities. For further information about these entities and Eversheds Sutherlands' structure please see the Legal Notice page of this website.

Eversheds Sutherland is the name and brand under which the members of Eversheds Sutherland Limited (Eversheds Sutherland (International) LLP and Eversheds Sutherland (US) LLP) and their respective controlled, managed and affiliated firms and the members of Eversheds Sutherland (Europe) Limited (each an "Eversheds Sutherland Entity" and together the "Eversheds Sutherland Entities") provide legal or other services to clients around the world. Eversheds Sutherland Entities are constituted and regulated in accordance with relevant local regulatory and legal requirements and operate in accordance with their locally registered names. The use of the name Eversheds Sutherland, is for description purposes only and does not imply that the Eversheds Sutherland Entities are in a partnership or are part of a global LLP. The responsibility for the provision of services to the client is defined in the terms of engagement between the instructed firm and the client. For further information about these Eversheds Sutherland Entities and Eversheds Sutherlands’ structure please see the Legal Notices page of this website. For information on Konexo please also see the Legal Notices page of this

The Government Agency That Oversees HIPAA ‘Not Effective’ at Improving Cybersecurity, Report Finds

Services

Key contacts

Latest Insights

Latest News

Latest Events