Skip to Main Content
Our Commitment to Diversity

Health System Cybersecurity Risks: Part Two

Date: 1 April 2024
Triage

In this two-part Triage series, Gina Bertolini, Sarah Carlins, and Jianne McDonald analyze two recent HHS initiatives that address cybersecurity risks to hospitals and health systems nationwide. Cybersecurity events involving our nation’s health care providers have precipitously risen in the past five years. The Department of Health and Human Services’ Office for Civil Rights (OCR) reports a nearly 300% increase in large data breaches that involve ransomware reported to OCR from 2018 to 2022. Interoperability remains a major government priority, and as remote care models continue to proliferate and the need intensifies for big data to feed increasingly complex technologies, risks to health care providers will continue to abound.  

In part two, Gina Bertolini and Sarah Carlins discuss HHS’s “Healthcare Sector Cybersecurity” report, which outlines HHS’s strategy for securing the digital infrastructure of our nation’s health care system. HHS’s strategy includes increased funding for support and enforcement of HIPAA’s Security Rule and the implementation of voluntary Cybersecurity Performance Goals, and HHS projects changes to HIPAA’s Security Rule coming in the Spring of 2024.

Return to top of page

Email Disclaimer

We welcome your email, but please understand that if you are not already a client of K&L Gates LLP, we cannot represent you until we confirm that doing so would not create a conflict of interest and is otherwise consistent with the policies of our firm. Accordingly, please do not include any confidential information until we verify that the firm is in a position to represent you and our engagement is confirmed in a letter. Prior to that time, there is no assurance that information you send us will be maintained as confidential. Thank you for your consideration.

Accept Cancel