HHS: New cybersecurity regs on the way for hospitals
By 
Adrianne Appel2023-12-07T18:34:00
Hospitals can soon expect to see new draft cybersecurity regulations, according to the Department of Health and Human Services (HHS).
The HHS outlined its cybersecurity strategy for the healthcare sector in a concept paper released Wednesday that also described voluntary performance goals. The goals are intended to help the industry prepare for forthcoming enforceable standards, the agency said.
In addition, the Centers for Medicare and Medicaid Services is expected to propose new cybersecurity requirements for hospitals through Medicare and Medicaid, per the HHS.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
News BriefCISA creates new portal for businesses to file cyber incident reports
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has created a new online portal for organizations to voluntarily report cybersecurity incidents, including ransomware attacks.
-
News BriefChange Healthcare facing HHS probe following crippling cyberattack
Change Healthcare, a health payment processor hit by a crippling cyberattack in February, is under investigation by the Department of Health and Human Services’ Office for Civil Rights.
-
News BriefMontefiore Medical Center to pay $4.8M over employee’s data theft
Montefiore Medical Center agreed to pay $4.75 million to settle allegations by the Department of Health and Human Services’ Office for Civil Rights that failures by the New York City nonprofit facility allowed an employee to steal and sell patient information for six months.
More from Regulatory Policy
-
ArticleCompliance told to focus on reality as Euro courts brace for slew of greenwashing cases
In 2025, the regulatory focus on greenwashing intensified globally. This trend is set to accelerate in 2026, and compliance has a key part to play in ensuring corporate statements are honest.
-
ArticleSFO guidance on evaluating compliance programs short on specifics, experts say
Companies looking for greater certainty about how they might avoid criminal prosecution for bribery, fraud, and corruption offences may find they’re going to be disappointed if they’re looking for definitive answers in the latest guidance from the U.K.’s main fraud investigator, say experts.
-
ArticleEU loosens AI and data rules
Europe has been at the forefront of designing strong—but flexible—rules around data use and the safe development of AI, but the EU recently announced plans to simplify some key measures around data privacy and AI governance, which have met with mixed responses.