This Week Health
SOAR 2024 Bluebird Leaders This Week HealthAlex's Lemonade Stand This Week Health
SUBSCRIBE NOW to receive top 7 stories daily to your inbox
<--  All Stories

Healthcare groups say cyber rule should explicitly name insurers, vendors

July 11, 2024
healthcaredive.com
Contributed by: Drex DeFord
Summary
Healthcare organizations are urging that a proposed federal cybersecurity reporting rule should explicitly include insurers and third-party vendors due to their significant impact on the industry, as highlighted by a major cyberattack on Change Healthcare. The rule, proposed by the Cybersecurity and Infrastructure Security Agency (CISA), requires critical infrastructure companies to report cyber incidents within 72 hours and ransom payments within 24 hours. While CISA did not initially include sector-specific criteria for insurers or labs, industry groups argue that these entities are interconnected with the healthcare sector and that excluding them could result in unreported significant cyber incidents. Organizations like the American Hospital Association and the College of Healthcare Information Management Executives highlighted challenges such as the tight reporting timelines and potential duplicative reports, advocating for flexibility and financial support, especially for under-resourced hospitals.
Transform Healthcare - One Connection at a Time

© Copyright 2024 Health Lyrics All rights reserved