Biden admin proposes new cybersecurity rules to limit impact of healthcare data leaks

Source: USA Today

Published 4:38 p.m. ET Dec. 27, 2024 | Updated 4:38 p.m. ET Dec. 27, 2024


Healthcare organizations may be required to bolster their cybersecurity, to better prevent sensitive information from being leaked by cyberattacks like the ones that hit Ascension and UnitedHealth UNH.N, a senior White House official said Friday.

Anne Neuberger, the U.S. deputy national security advisor for cyber and emerging technology, told reporters that proposed requirements are necessary in light of the massive number of Americans whose data has been affected by large breaches of healthcare information. The proposals include encrypting data so it cannot be accessed, even if leaked, and requiring compliance checks to ensure networks meet cybersecurity rules.

The healthcare information of more than 167 million people was affected in 2023 as a result of cybersecurity incidents, she said.

The proposed rule from the Department of Health and Human Services would update standards under the Health Insurance Portability and Accountability Act (HIPAA) and would cost an estimated $9 billion in the first year, and $6 billion in years two through five, Neuberger said.

Read more: https://www.usatoday.com/story/tech/2024/12/27/cybersecurity-healthcare-data-biden-proposal/77263588007/