H-ISAC TLP White Hacking Healthcare - December 14, 2021

This week, Hacking Healthcare begins by breaking down the issue of cyber incident reporting timelines and makes the case for engagement with regulators and legislators. Next, we examine reports that the National Institute of Science and Technology (NIST) is looking to begin updating its well-regarded cybersecurity framework early next year, and we explore what the new update may focus on. Finally, we cover the announcement of a new healthcare cybersecurity website launched by Health and Human Services (HHS). Welcome back to Hacking Healthcare.

Author’s Note: Hacking Healthcare will be on vacation beginning next week but will return in January. We hope the last few weeks of 2021 treat you well and that you get at least a small break from the daily cybersecurity grind. Thanks for reading us every week, and we look forward to continuing!

In this edition:

  • The Variance of Cyber Incident Reporting Timelines
  • NIST CSF Update
  • HHS launches New Healthcare Cybersecurity Website

View the detailed report below. 

For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:

John Riggi

Senior Advisor for Cybersecurity and Risk, AHA

jriggi@aha.org

(O) +1 202 626 2272

More on John Riggi
Learn more about AHA's Cybersecurity and Risk Advisory Services

Key Resources

Related Resources

Advisory
CrowdStrike Technology Outage Causing Global Disruption, Including Impacts on Hospitals
Letter/Comment
AHA Responds to CISA Proposed Rule on Cyber Incident Reporting Requirements
Public
Advisory
HHS Issues Alert on Critical Vulnerability in ‘MOVEit,’ File Transfer Platform Used by Health Care Sector
Public
Issue Landing Page
Support for your Cybersecurity Program
Special Bulletin
AHA Helps Secure New Cybersecurity Resources from Microsoft and Google to Assist Rural Hospitals
Public
Advancing Health Podcast
How to Survive a Cyberattack with Scripps Health: Part Two
Public