HHS Warns of Increases in Insider Data Breaches

In April of 2022, the Department of Health and Human Services (HHS)’ Office of Information Security issued a 27-page publication, entitled “Insider Threats in Healthcare.” The publication covers a significant trend in cybersecurity: More and more, healthcare organization data breaches are being caused by internal (employee) action as opposed to actions from outside third parties. HHS defines an “Insider threat in the [...]

2022-05-06T17:03:27-04:00April 27th, 2022|

HHS Seeks Public Input on How to Implement Cybersecurity Best Practices Bill

In January of 2021, HR 7898, nicknamed the Cybersecurity Best Practices bill, was signed into law. Under this law, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) must consider whether an entity used recognized cybersecurity best practices in the year preceding a violation when deciding whether to penalize the organization.  In April of 2022, OCR issued a [...]

2022-05-06T17:03:29-04:00April 7th, 2022|

OCR Cybersecurity Newsletter Offers Guidance Against Common Cyberattacks

Each quarter the Department of Health and Human Services’ Office for Civil Rights issues a cybersecurity newsletter. The newsletter highlights cybersecurity trends affecting the healthcare industry. As the March 2022 OCR Cybersecurity Newsletter notes, the number of hacking and IT incidents affecting electronic protected health information (ePHI) has shot up, and rather quickly at that. In fact, there has been a 45% increase in the number [...]

2022-05-06T17:03:31-04:00March 25th, 2022|