Senior White House official stated on Friday that healthcare businesses might need to strengthen their cybersecurity in order to better guard against sensitive data being exposed by hacks such as the ones that affected UnitedHealth and Ascension.
The proposed requirements are necessary given the vast number of Americans whose data has been impacted by significant breaches of healthcare information, Anne Neuberger, the U.S. deputy national security advisor for cyber and emerging technologies, told reporters. The recommendations include mandating compliance audits to make sure networks adhere to cybersecurity regulations and encrypting data so it cannot be viewed, even if it is leaked.
On Friday, the Department of Health and Human Services published a more concise summary of the proposed rule on its website, and the whole regulation was published in the Federal Register.
According to her, in 2023, cybersecurity attacks impacted the health information of over 167 million individuals.
Neuberger projected that the proposed rule, which would update requirements under the Health Insurance Portability and Accountability Act (HIPAA), would cost $9 billion in the first year and $6 billion in the next five years. The rule would be issued by HHS’s Office for Civil Rights (OCR).
“We’ve made some significant proposals that we think will improve cybersecurity and ultimately everyone’s health information, if any of these proposals are ultimately finalized,” an OCR spokesperson told Reuters late Friday. The next step in the process is a 60-day public comment period before any final decisions will be made.
According to her, the number of significant ransomware and hacking-related healthcare breaches has grown by 102% and 89%, respectively, since 2019.
“In this job, one of the most concerning and really troubling things we deal with is hacking of hospitals, hacking of healthcare data,” Neuberger said.
Patients’ private medical records, mental health records, and other information are “being leaked on the dark web with the opportunity to blackmail individuals,” according to Neuberger, and hospitals are now compelled to run manually. (Chizu Nomiyama and Diane Craft edited; Raphael Satter added more reporting from Washington.)
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter
About us:
The Mainstream formerly known as CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, The Mainstream formerly known as CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, The Mainstream formerly known as CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK
