US to hospitals: Meet security standards or no federal money

autotldr Bot , 6 months ago

This is the best summary I could come up with:

---

US hospitals will be required to meet basic cybersecurity standards before receiving federal funding, according to rules the White House is expected to propose in the next few weeks.

Citing an unnamed government official, this Messenger report says the proposed rules will focus on “those key cybersecurity practices that we really do believe bring a meaningful impact.”

When asked about the draft rules, a CMS spokesperson directed The Register to a concept paper published in December that outlines the Department of Health and Human Services’ (HHS) cybersecurity strategy.

According to the HHS paper [PDF], officials will propose new, enforceable security standards, and will work with Congress to administer financial support and incentives for hospitals to implement “high-impact cybersecurity practices,” among other actions.

Last year alone, at least 46 US hospital corporations with a total of 141 facilities between them were hit by ransomware infections, and at least 32 of these networks had protected health information and other patient data stolen during the intrusions, according to Emsisoft.

In addition to stealing hospitals’ data, criminals are also using increasingly nasty extortion tactics to put pressure on health care execs to pay ransoms.

---

The original article contains 431 words, the summary contains 190 words. Saved 56%. I’m a bot and I’m open source!

DacoTaco , 6 months ago

As somebody who has worked as a hospital software developer for years : yes, agreed. Ive been in contact with a few us based healthcare systems and they are often even less secure than the existing software, which isnt secure at all lol.

Hospital security has been a rising issue and needs to be taken VERY seriously. There is a shit ton of information in the databases that you dont want to loose, nor get leaked!