Biden administration proposes new cybersecurity rules to limit impact of healthcare data leaks

By AJ Vicens

FILE PHOTO: A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/Illustration/File Photo

(Reuters) -Healthcare organizations may be required to bolster their cybersecurity, to better prevent sensitive information from being leaked by cyberattacks like the ones that hit Ascension and UnitedHealth, a senior White House official said Friday.

Anne Neuberger, the U.S. deputy national security advisor for cyber and emerging technology, told reporters that proposed requirements are necessary in light of the massive number of Americans whose data has been affected by large breaches of healthcare information. The proposals include encrypting data so it cannot be accessed, even if leaked, and requiring compliance checks to ensure networks meet cybersecurity rules.

The full proposed rule was posted to the Federal Register on Friday, and Department of Health and Human Services posted a more condensed breakdown on its website.

The healthcare information of more than 167 million people was affected in 2023 as a result of cybersecurity incidents, she said.

The proposed rule from the Office for Civil Rights (OCR) within HHS would update standards under the Health Insurance Portability and Accountability Act (HIPAA) and would cost an estimated $9 billion in the first year, and $6 billion in years two through five, Neuberger said.

"We've made some significant proposals that we think will improve cybersecurity and ultimately everyone's health information, if any of these proposals are ultimately finalized," an OCR spokesperson told Reuters late Friday. The next step in the process is a 60-day public comment period before any final decisions will be made.

Large healthcare breaches caused by hacking and ransomware have increased by 89% and 102%, respectively, since 2019, she said.

"In this job, one of the most concerning and really troubling things we deal with is hacking of hospitals, hacking of healthcare data," Neuberger said.

Hospitals have been forced to operate manually and Americans' sensitive healthcare data, mental health information and other information are "being leaked on the dark web with the opportunity to blackmail individuals," Neuberger said.

(Additional reporting by Raphael Satter in Washington; Editing by Chizu Nomiyama and Diane Craft)

×
Follow us on our official WhatsApp channel for breaking news alerts and key updates!

   

Report it to us.

Next In Tech News
Cyber attack on Italy's Foreign Ministry, airports claimed by pro-Russian hacker group
How to find your way around that updated Photos app
Video games can’t afford to look this good
Student in US who experienced 'deepest violation' from AI nudes speaks out
Landlords beware: Rent-shamers are calling out overpriced US listings online
Explainer-Why OpenAI plans transition to public benefit corporation
US adds 9th telcom to list of companies hacked by Chinese-backed Salt Typhoon cyberespionage
Hackers hijack a wide range of companies' Chrome extensions, experts say
OpenAI outlines new for-profit structure in bid to stay ahead in costly AI race
Russia fines TikTok 3 million roubles over legal violations, court says

Trending in Tech

Others Also Read

Load more

Copyright © 1995- Star Media Group Berhad [197101000523 (10894-D)]

Best viewed on Chrome browsers.