Hackers have laid siege to U.S. health care and a tiny HHS office is buckling under the pressure

September 8, 2022 CynergisTek, Inc.

Hackers have laid siege to U.S. health care and a tiny HHS office is buckling under the pressure.

With a dearth of resources, the Office for Civil Rights is struggling with an overflowing caseload.

Cyber crooks steal medical information of tens of millions of people in the U.S. every year, a number that is rising fast as health care undergoes its digital transformation.

It leads to millions of dollars in losses for hospitals, insurers and other health care organizations, threatens care delivery and exposes patients to identity theft.

But the Department of Health and Human Services’ Office for Civil Rights, which is tasked with investigating breaches, helping health care organizations bolster their defenses, and fining them for lax security, is poorly positioned to help. That’s because it has a dual mission — both to enforce the federal health privacy law known as HIPAA and to help the organizations protect themselves — and Congress has given it few resources to do the job.

“They’re a fish out of water … They were given the role of enforcement under HIPAA but weren’t given the resources to support that role,” said Mac McMillan, CEO of CynergisTek, a Texas firm that helps health care organizations improve their cybersecurity.

Due to its shoestring budget, the Office for Civil Rights has fewer investigators than many local police departments, and its investigators have to deal with more than a hundred cases at a time. The office had a budget of $38 million in 2022 — the cost of about 20 MRI machines that can cost $1 million to $3 million a pop.

Continue reading here

 

 

About the Author

CynergisTek, Inc.

CynergisTek is a top-ranked cybersecurity consulting firm dedicated to serving the information assurance needs of healthcare. CynergisTek offers specialized services and solutions to help organizations achieve privacy, security, and compliance goals. The company has been recognized by KLAS in the 2016 and 2018 Cybersecurity reports as a top performing firm in healthcare cybersecurity, as well as the 2017 Best in KLAS winner for Cybersecurity Advisory Services.

Follow on Twitter Follow on Linkedin Visit Website More Content by CynergisTek, Inc.
Previous Article
5 FBI Recommendations For Medical Device Cybersecurity
5 FBI Recommendations For Medical Device Cybersecurity

Ben Denkers discusses the detrimental impact of cyber attacks on medical devices.

Next Article
Report: Organ Transplant Data Security Needs Strengthening
Report: Organ Transplant Data Security Needs Strengthening

The national network for connecting medical centers with donated human organs faces doubts about its abilit...