Healthcare Breaches and New Guidance - The CPA Journal
The CPA Journal
|
Summary
**Healthcare Breaches and New Guidance** The healthcare industry continues to face significant challenges in managing cyber risks, as evidenced by recent data breaches such as the unprecedented cyberattack on Change Healthcare, a subsidiary of UnitedHealth Group. Despite existing regulatory frameworks like HIPAA and ample guidance from entities like HHS-OCR and NIST, healthcare organizations struggle to mitigate cyber threats due to factors such as misdelivery of information, misuse of privileges, and rapidly evolving technology landscapes. Recent guidance, including NIST's updated Resource Guide and HHS's cybersecurity strategy, aims to improve the sector's cybersecurity posture, but concerns remain about the adequacy and implementation of these measures in effectively managing cybersecurity risks.
