HHS: New cybersecurity regs on the way for hospitals
By 
Adrianne Appel2023-12-07T18:34:00
Hospitals can soon expect to see new draft cybersecurity regulations, according to the Department of Health and Human Services (HHS).
The HHS outlined its cybersecurity strategy for the healthcare sector in a concept paper released Wednesday that also described voluntary performance goals. The goals are intended to help the industry prepare for forthcoming enforceable standards, the agency said.
In addition, the Centers for Medicare and Medicaid Services is expected to propose new cybersecurity requirements for hospitals through Medicare and Medicaid, per the HHS.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
News BriefCISA creates new portal for businesses to file cyber incident reports
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has created a new online portal for organizations to voluntarily report cybersecurity incidents, including ransomware attacks.
-
News BriefChange Healthcare facing HHS probe following crippling cyberattack
Change Healthcare, a health payment processor hit by a crippling cyberattack in February, is under investigation by the Department of Health and Human Services’ Office for Civil Rights.
-
News BriefMontefiore Medical Center to pay $4.8M over employee’s data theft
Montefiore Medical Center agreed to pay $4.75 million to settle allegations by the Department of Health and Human Services’ Office for Civil Rights that failures by the New York City nonprofit facility allowed an employee to steal and sell patient information for six months.
More from Regulatory Policy
-
ArticleSEC gets earful about disclosure requirements from investors
Disclosure requirements for public companies have ballooned over the decades and need to be reigned in, the three members of the Securities and Exchange Commission (SEC), said Thursday.
-
ArticleNew DOJ policy places corporate enforcement emphasis on individual misconduct
The Department of Justice (DOJ) criminal division has announced a blanket policy against prosecuting companies that voluntarily disclose criminal wrongdoing and take other steps—and holding any individuals involved accountable for their criminal activities.
-
ArticleIf financial services firms don’t want more AI rules, comply with existing regs, experts warn
The U.K.’s financial regulators have long maintained that AI use by banks, insurers, and other financial services firms is already regulated under existing rules, but such assurances are increasingly being questioned.