This Week Health

Don't forget to subscribe!

In this episode of the 2-Minute Drill, Drex brings you the latest cybersecurity updates and insights from the healthcare sector. Learn about the forthcoming cybersecurity performance goals and healthcare regulations expected to be issued soon and the potential financial penalties for hospitals that fail to comply. Drex discusses the interconnected nature of healthcare security and the importance of third-party partners meeting higher standards. He also covers recent cybersecurity incidents, including a destructive cyberattack by a 22-year-old Russian national and a significant ransomware breach at Antlery Children's Hospital affecting nearly 800,000 individuals.

Remember, Stay a little paranoid.




Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer -


This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

  Everyone, I'm Drex, and this is the Two Minute Drill, where we do at least three stories at least two times a week, all part of one great community, the 229 Cyber and Risk community here at This Week Health. Hope you had a great Independence Day. Today's drill is brought to you by Fortified Health. No matter where you're at in your cybersecurity journey, Fortified can help you improve your security posture through their 24 7 threat defense services, or advisory solutions delivered through Central Command, a first of its kind platform that simplifies cybersecurity management and provides the visibility you need to mature your program.

Learn more at FortifiedHealthSecurity. com. Thanks for joining me today. Here's some stuff you might want to know about. Cybersecurity performance goals and associated healthcare cyber regs are coming soon. These new minimum standards for security performance are expected to be issued by the year. Within weeks, according to Anne Neuberger, Deputy National Security Advisor.

Back in January, HHS issued 10 essential and 10 enhanced cybersecurity performance goals for hospitals. And while they were called voluntary at the time, HHS's budget proposal for 2025 calls for financial penalties in the form of reduced payments, Should certain hospitals fail to meet those standards starting in 2029?

Unfortunately, I think focusing on hospitals is just a part of the security problem. In our industry, everything is connected to everything else, whether it's networks or software as a service provider or Payers. Our third party partners also need to meet a higher standard. I mean, go take a look at the HHS Wall of Shame breach portal, and you'll see the number of business associates reporting breaches, which affects all of their customers.

And while there's a billion dollars worth of proposed help in the HHS budget proposal, it's mostly aimed at buying tools. And while the tools are important, it's honestly the people, skills, and experience that a lot of hospitals lack, sometimes In those situations, adding technology can actually make the environment more vulnerable if the tech isn't tended to properly.

Marianne McGee has written a series of solid articles on all this stuff. We link to all those stories at ThisWeekHealth. com slash news. A 22 year old Russian national has been indicted in the U. S. for his role in staging destructive cyberattacks against Ukraine and its allies just prior to Russia's invasion of Ukraine in 2022.

The U. S. State Department is offering a 10 million reward for information on Amin Stigall, a cyber thug reportedly used an unnamed U. S. based company to distribute wiper malware and steal data, including patient health records. Antlery Children's Hospital in Chicago is notifying nearly 800, 000 people that their information was compromised in a ransomware attack earlier in the year.

The ransomware as a service group named RISDA has been identified as the attacker. Children's data, as we've talked about here previously, children's data is especially valuable to criminals because the victim may not discover that their information has been misused until they grow up and apply for their first credit card or try to get their first car loan.

Thanks again to the Two Minute Drill's sponsor, healthcare cyber partner, Fortified Health Security. With a 98 percent client retention rate and three consecutive best in class awards, Fortified's exclusive focus on healthcare cybersecurity makes them the go to partner for healthcare organizations wanting to strengthen their security posture.

Find out more at fortifiedhealthsecurity. com. That's it for today's Two Minute Drill. I appreciate you being here. Stay a little paranoid. I'll see you around campus.

2 Minute Drill is Sponsored By

Our Shows

Today In Health IT with Bill Russell

Related Content

1 2 3 268
Transform Healthcare - One Connection at a Time

© Copyright 2024 Health Lyrics All rights reserved