Cybersecurity News

A settlement agreement with Pagosa Springs (Colo.) Medical Center that the Department of Health and Human Services’ Office for Civil Rights announced this week highlights important, but perhaps sometimes overlooked, privacy and security risk issues associated with access to electronic protected health information.

Republicans on the House Energy and Commerce Committee Friday released a report summarizing initial efforts by its Oversight and Investigations Subcommittee to address the nation’s cybersecurity challenges.

A federal grand jury yesterday charged two Iranian men with developing and deploying the SamSam

The Food and Drug Administration’s policies and procedures were insufficient for handling postmarket medical device cybersecurity events, and the agency has not adequately tested its ability to respond to emergencies resulting from cybersecurity events in medical devices.

The Department of Health and Human Services this week opened a Health Sector Cybersecurity Coordination Center (HC3) at its headquarters in Washington, D.C.

October is cybersecurity month (in reality, every month is cybersecurity month) but this is a good time to review the overall landscape.

The Food and Drug Administration today issued draft guidance that provides recommendations to the medical device industry on cybersecurity considerations for device design, labeling and documentation that the FDA recommends be included in premarket submissions for medical devices with cybersecurity risk.

The Department of Health and Human Services’ Officer for Civil Rights yesterday announced that Anthem has agreed to pay $16 million and take corrective action to settle potential violations of the Health Insurance Portability and Accountability Act after a series of cyberattacks led to the largest U.S. health data breach in history and exposed the electronic protected health information of nearly 79 million people. 

The InfraGard Cyber Health Working Group, a partnership between the FBI and information technology professionals in the health sector, will host a conference Oct. 25-26 in Charlotte, N.C.

John Riggi, AHA senior advisor for cybersecurity and risk, discusses findings from a Society for Healthcare Strategy & Market Development survey that showed 83 percent or respondents believe it is at least somewhat likely that a hospital or health system in their area will experience a cyberattack in the next five years. Read more.

The Food and Drug Administration today released a framework to help hospitals and other health care providers plan for and respond to cybersecurity incidents involving medical devices.

President Trump yesterday released a National Cyber Strategy, which outlines how the administration plans to strengthen U.S. cybersecurity.

In a recent conversation with AHA News, Riggi talked about his background, including his nearly three decades with the FBI; what the changing landscape of cyber threats mean for patients and health care CEOs; and how through the recently-launched AHA Center for Health Innovation he’ll be focusing on new educational tools, resources and services designed to help member hospitals and health systems defend against this significant challenge.

The AHA offers comprehensive cybersecurity resources and risk advisory services for hospital and health systems leaders.

The Department of Health and Human Services Office of Inspector General yesterday recommended the Food and Drug Administration take additional steps to integrate cybersecurity into its premarket review process for medical devices

In an effort to further advance health in America, the American Hospital Association today officially launched the AHA Center for Health Innovation to support hospitals and health systems as they respond to and proactively lead change.  

The Department of Homeland Security will offer several opportunities this month to participate in an awareness briefing on Russian cyber activity against critical infrastructure.

The AHA today discussed the need to reduce the regulatory burden on providers to improve patient care during a House Committee on Oversight and Government Reform Subcommittee on Intergovernmental Affairs hearing.  

John Riggi, AHA senior advisor for cybersecurity and risk, said hospitals and health systems take seriously the protection of highly-sensitive and valuable information.

Also in this weekly roundup of health care news: Challenges for doctors treating migrant children separated from their parents.