Healthcare cybersecurity incidents have more than doubled since 2018, while ransomware attacks have surged close to 300%. This tsunami of cybercrime has led to extensive care disruptions, patient safety risks, and an increased strain on the already overwhelmed healthcare sector.
With cybersecurity incidents occurring on an almost daily basis, federal regulators are now looking to take a more active role in improving data security. In fact, The Health and Human Services Department (HHS) has indicated they have a strategy to help address the rising cybersecurity crisis.
According to a recent article the new plan for cybersecurity is centered on four steps aimed at improving the healthcare landscape, and it includes:
- Establishing voluntary cybersecurity performance goals for the healthcare sector
- Providing resources to incentivize and implement these cybersecurity practices
- Implementing an HHS-wide strategy to support greater enforcement and accountability
- Expand and mature the one-stop shop within HHS for healthcare sector cybersecurity.
A crucial aspect of the strategy involves financial incentives for struggling hospitals to meet essential cybersecurity performance goals and invest in advanced cybersecurity practices. The HHS plans to introduce new cybersecurity requirements enforced through CMS, possibly linking compliance to Medicare and Medicaid reimbursements. Additionally, the HIPAA Security Rule is set for an update to incorporate cybersecurity requirements in the upcoming spring.
For questions regarding cybersecurity training for your healthcare facility or practice, contact the experts at MedSafe. MedSafe is the nation’s leading one-stop resource for outsourced safety and health compliance solutions in healthcare.
Toll-free: (888) MED-SAFE