- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Adrianne Appel2023-12-07T18:34:00
Hospitals can soon expect to see new draft cybersecurity regulations, according to the Department of Health and Human Services (HHS).
The HHS outlined its cybersecurity strategy for the healthcare sector in a concept paper released Wednesday that also described voluntary performance goals. The goals are intended to help the industry prepare for forthcoming enforceable standards, the agency said.
In addition, the Centers for Medicare and Medicaid Services is expected to propose new cybersecurity requirements for hospitals through Medicare and Medicaid, per the HHS.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec. Select an option and click continue.
Annual Membership $499 Value offer
Full price one year membership with auto-renewal.
Membership $599
One-year only, no auto-renewal.
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has created a new online portal for organizations to voluntarily report cybersecurity incidents, including ransomware attacks.
Change Healthcare, a health payment processor hit by a crippling cyberattack in February, is under investigation by the Department of Health and Human Services’ Office for Civil Rights.
Montefiore Medical Center agreed to pay $4.75 million to settle allegations by the Department of Health and Human Services’ Office for Civil Rights that failures by the New York City nonprofit facility allowed an employee to steal and sell patient information for six months.
Breaches of the EU’s GDPR can cost companies substantial sums and huge reputational damage. Now some are warning that the implementation of the EU’s AI Act will be just as far-reaching, and could potentially lead to similar numbers of cases.
Any product that uses AI needs to be safety assessed for its entire lifespan under new rules that went into effect recently across the EU. Experts warned companies using AI to tailor products could be classed as “manufacturers” and face the same duty of care as developed.
When lawmakers slam the U.K.’s chief financial regulator as “incompetent,” it not only opens the doors for others to pile criticism on it, but it sparks a debate about how the organization can be improved–or removed.
