Skip to main content
Skip to navigation

Regulatory Policy

HHS teases policy changes stemming from cyber resiliency analysis

By Adrianne Appel2023-04-17T19:57:00

Some U.S. hospitals are falling short in protecting themselves from cyberattacks, with 29 percent of facilities recently surveyed lacking a documented governance, risk, and compliance (GRC) system, a new report from the Department of Health and Human Services (HHS) found.

The report, released Monday, is a forerunner to the creation of new policy requirement practices at hospitals, with guidelines aimed at the protection of patient data. The frequency and complexity of cyberattacks on hospitals is increasing and includes attacks that have resulted in weekslong shutdowns of imaging and laboratory equipment, the HHS said.

Because of the drastic impact such shutdowns can have on patients, especially critically ill people, the Federal Bureau of Investigation now considers attacks on hospital systems “threat-to-life” crimes, the report said.

THIS IS MEMBERS-ONLY CONTENT

cw-membership

You are not logged in and do not have access to members-only content.

If you are already a registered user or a member, SIGN IN now.

Related articles

News Brief
HHS: New cybersecurity regs on the way for hospitals

2023-12-07T18:34:00Z By Adrianne Appel

Hospitals can soon expect to see new draft cybersecurity regulations and benchmarking goals, according to the Department of Health and Human Services.
News Brief
CISA guidance provides cyber risk mitigation strategies for healthcare

2023-11-20T19:26:00Z By Kyle Brasseur

New guidance released by the Cybersecurity and Infrastructure Security Agency offers best practices for organizations in the healthcare and public health sector to adopt to combat rising cyber threats.
News Brief
Medical management company to pay $100K in landmark HHS ransomware case

2023-11-01T22:10:00Z By Kyle Brasseur

Doctors’ Management Service agreed to pay $100,000 in settling the first ransomware agreement under the Health Insurance Portability and Accountability Act reached by the Department of Health and Human Services’ Office for Civil Rights.

More from Regulatory Policy

Article
SEC closes FCPA probe into Calavo Growers

2026-01-28T18:21:00Z By Jaclyn Jaeger

The Securities and Exchange Commission has closed its Foreign Corrupt Practices Act investigation into Calavo Growers, three months after the Department of Justice closed its FCPA investigation into the produce and agriculture company.
Article
U.K. Employment Rights Act will lead to rise in tribunal claims

2026-01-24T01:20:00Z By Ruth Prickett

The number of U.K. employment tribunal cases could rise following reforms in the Employment Rights Act 2025. Several changes take effect this year, including shorter unfair dismissal qualifying periods, day-one worker rights, stronger protections for pregnant women, and an end to exploitative contracts.
Article
U.K. government scraps long-awaited audit reforms to prioritize growth

2026-01-21T20:51:00Z By Ruth Prickett

Long-awaited reforms to the U.K. audit regime have been “scrapped” from the government’s legislative plans. The decision has led to an outburst of disappointment and frustration from audit bodies and pension funds that argued the reforms would increase trust in companies and support growth.