Stricter Cybersecurity Measures for U.S. Healthcare

U.S. healthcare organizations may soon face stricter cybersecurity regulations in response to recent data breaches, as highlighted by a senior White House official on Friday.

Key Highlights

• Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology, emphasized the urgency for new rules after 2023 breaches exposed data from over 167 million Americans.
• Neuberger expressed concern about hacking incidents involving hospitals and healthcare data, stating, "In this job, one of the most concerning and really troubling things we deal with is hacking of hospitals, hacking of healthcare data."
• Proposed measures include:
  • Using encrypted data to prevent access even if leaks occur.
  • Implementing mandatory compliance checks.
• The Department of Health and Human Services plans to revise HIPAA standards, forecasting initial costs of $9 billion in the first year and $6 billion annually for the next four years.

The Rising Threat

• Hospitals are increasingly relying on manual operations.
• Sensitive healthcare and mental health data are reportedly being leaked on the dark web, raising risks of blackmail.
• Cyberattacks on healthcare have surged, with hacking incidents rising 89% and ransomware attacks increasing by 102% since 2019, according to Neuberger.