HHS teases policy changes stemming from cyber resiliency analysis
By 
Adrianne Appel2023-04-17T19:57:00
Some U.S. hospitals are falling short in protecting themselves from cyberattacks, with 29 percent of facilities recently surveyed lacking a documented governance, risk, and compliance (GRC) system, a new report from the Department of Health and Human Services (HHS) found.
The report, released Monday, is a forerunner to the creation of new policy requirement practices at hospitals, with guidelines aimed at the protection of patient data. The frequency and complexity of cyberattacks on hospitals is increasing and includes attacks that have resulted in weekslong shutdowns of imaging and laboratory equipment, the HHS said.
Because of the drastic impact such shutdowns can have on patients, especially critically ill people, the Federal Bureau of Investigation now considers attacks on hospital systems “threat-to-life” crimes, the report said.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
News BriefHHS: New cybersecurity regs on the way for hospitals
Hospitals can soon expect to see new draft cybersecurity regulations and benchmarking goals, according to the Department of Health and Human Services.
-
News BriefCISA guidance provides cyber risk mitigation strategies for healthcare
New guidance released by the Cybersecurity and Infrastructure Security Agency offers best practices for organizations in the healthcare and public health sector to adopt to combat rising cyber threats.
-
News BriefMedical management company to pay $100K in landmark HHS ransomware case
Doctors’ Management Service agreed to pay $100,000 in settling the first ransomware agreement under the Health Insurance Portability and Accountability Act reached by the Department of Health and Human Services’ Office for Civil Rights.
More from Regulatory Policy
-
News BriefTrump’s pivot on crypto leads SEC to seek settlement with Gemini
The Securities and Exchange Commission (SEC)’s pivot in favor of crypto took another step as the agency indicated it wants to resolve a long-standing lawsuit against the crypto exchange Gemini.
-
PremiumRepublican-led SEC abandons climate rule; Dem commissioner calls move ‘unlawful’
The Securities and Exchange Commission’s Republican leadership is abandoning the climate-related disclosure rule package passed last year by Democrats, hoping that the courts will kill regulations already on life support.
-
News BriefFinCEN drops BOI requirement for U.S. companies, persons
The U.S. Treasury Department’s Financial Crimes Enforcement Network issued a final interim rule that eliminates beneficial ownership information reporting obligations for U.S.-based companies and persons.