Security
The Health Care Cybersecurity and Resiliency Act of 2024 would provide grants to help healthcare organizations strengthen prevention and response - and push for better coordination between HHS and CISA.
The Office of Civil Rights could have initiated follow-up after discovering security flaws, but "rarely initiated these reviews when it identified serious compliance issues," according to the HHS inspector general's audit program review.
The U.S. Department of Homeland Security sees three areas of concern as artificial intelligence is used across critical infrastructure sectors: attacks using AI, attacks targeting AI systems and design, and implementation failures.
The Administration for Strategic Preparedness and Response will be surveying agencies to assess the readiness of state, local, tribal and territorial public health organizations to manage cyber threats and gauge their needs for support.
Also: Kaiser Permanente reported that an unauthorized party gained access to the email accounts of two workforce members and viewed patient health information.
At the HIMSS Healthcare Cybersecurity Forum on Thursday, leaders from the Health Sector Coordinating Council offered advice for a collaborative layered defense to help health systems bolster responsiveness and stabilize their security postures.
The agency warns that a Western organized cybercrime group may be targeting healthcare data by leveraging ransomware variants and AI tools that exploit advanced social engineering.
The Office of Management and Budget will consider HHS' approach to modernizing requirements for HIPAA covered entities charged with protecting ePHI against healthcare cybersecurity threats. Reports say the rule could be published by year's end.
Healthcare operates with the understanding that no system is impenetrable, but must improve incident response practices by finding new ways to stay operational after network attacks, says one panelist at the upcoming HIMSS Cybersecurity Forum.
The Digital Medicine Society's seal aims to evaluate health application products' baseline security, usability and clinical return on investment to help decision-makers scrutinize which tools are best for patient care.