After recent WannaCry ransomware and Petya/notPetya malware attacks exposed the data security vulnerabilities of health care organizations and pharmaceutical companies globally, the Department of Health and Human Services and Office for Civil Rights have rolled out resources to prevent future attacks. The OCR’s resources, such as its Quick-Response Checklist, infographic and informational newsletter, are meant to support health care organizations every step of the way, from planning and contingency plans to response and mitigation procedures.
We’ve outlined some of the key points in the OCR and HHS documents in this recent alert.
In a previous blog post, our team evaluated the draft recommendations prepared by the Health Care Industry Cybersecurity Task Force in its “Report on Improving Cybersecurity in the Health Care Industry.”
We recently examined three of the six major recommendations in the report and their potential impact on the existing health care regulatory environment. These include:
- HHS and a Comprehensive Health Care Security Framework
- Government and Private Incentives to Migrate Vulnerable Health Care Providers to More Secure Environments
- Development of Fraud and Abuse Exemptions to Foster Collaboration and Permit Shared Resources
For more insight, read our detailed review of the health care security recommendations above.