Cybersecurity Rules To Limit Impact Of Health Data Leaks (Pexels) 
MedBound Blog

US Proposes Cybersecurity Rules to Limit Impact of Health Data Leaks

The health data leak of more than 167 million people was affected in 2023 as a result of cybersecurity incidents

MBT Desk

Healthcare organizations may be required to bolster their cybersecurity to better prevent sensitive information from being leaked by cyberattacks like the ones that hit Ascension and UnitedHealth, a senior White House official said Friday.

Anne Neuberger, the U.S. deputy national security adviser for cyber and emerging technology, told reporters that proposed requirements are necessary in light of the massive number of Americans whose data has been affected by large health care information breaches. The proposals include encrypting data so it cannot be accessed, even if leaked, and requiring compliance checks to ensure networks meet cybersecurity rules.

The full proposed rule was posted to the Federal Register on Friday, and the Department of Health and Human Services posted a more condensed breakdown on its website.

She said that the healthcare information of more than 167 million people was affected in 2023 as a result of cybersecurity incidents.

Pexels

Neuberger said the proposed rule from the Office for Civil Rights (OCR) within HHS would update standards under the Health Insurance Portability and Accountability Act and cost an estimated $9 billion in the first year and $6 billion in years two through five.

"We've made some significant proposals that we think will improve cybersecurity and ultimately everyone's health information if any of these proposals are ultimately finalized," an OCR spokesperson told Reuters late Friday. The next step in the process is a 60-day public comment period before any final decisions will be made.

Large healthcare breaches caused by hacking and ransomware have increased by 89% and 102%, respectively, since 2019, Neuberger said.

"In this job, one of the most concerning and troubling things we deal with is hacking of hospitals, hacking of health care data," she said.

Hospitals have been forced to operate manually and Americans' sensitive healthcare data, mental health information, and other information are "being leaked on the dark web with the opportunity to blackmail individuals," Neuberger said.

(VOA/VD)

Also read:One Person Dead in Iowa from Lassa Fever, State Health Department Says

Also Read

HHS Eliminates CDC Staff Who Made Sure Birth Control Is Safe for Women at Risk

Feds Investigate Hospitals Over Religious Exemptions From Gender-Affirming Care

India Facing a Shortage of Family Physicians – Here's Why

Simple Muscle Ultrasound Can Detect Early Prediabetes

Mount Sinai Researchers Use Wearable Technology to Explore the Link Between IBD and Sleep Disruption