Recent HHS Settlement Underscores the Importance Compliance Plays in Cybersecurity

The following is a guest article by Dotty Bollinger, JD, Healthcare Compliance Consultant, Compliancy Group.

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) reached a settlement with Doctors’ Management Services after the healthcare vendor succumbed to a ransomware attack. The settlement, announced in a press release on the HHS site, resulted in a $100,000 fine, two years of OCR monitoring, and the requirement to adopt a corrective action plan.

“Our settlement highlights how ransomware attacks are increasingly common and targeting the health care system. This leaves hospitals and their patients vulnerable to data and security breaches,” said OCR Director, Melanie Fontes Rainer. “In this ever-evolving space, it is critical that our health care system take steps to identify and address cybersecurity vulnerabilities along with proactively and regularly review risks, records, and update policies. These practices should happen regularly across an enterprise to prevent future attacks.”

According to the HHS, there has been a 239% increase in hacking incidents reported and a 278% increase in ransomware attacks. In 2023 so far, the breaches reported have affected 88 million patients, already a 60% increase compared to last year.

The Repercussions for Lack of Compliance

This recent HHS settlement, and others, should serve as a stark reminder of how a lack of compliance can negatively affect patients, your reputation, and your wallet. Healthcare ...

Source: EMR and HIPAA - Category: Information Technology