From CyberScoop, by AJ Vicens and Elias Groll:
A devestating cyberattack on payment processor Change Healthcare has spurred discussions in Washington about urgent cybersecurity regulations for the healthcare sector. Health and Human Services (HHS) is working on developing mandatory rules, including updating the Health Insurance Portability and Accountability Act with cybersecurity requirements.
These updates are meeting resistance from the healthcare industry, which argues that hospitals should not be punished for the success of hackers. President Biden’s budget proposal includes funding for hospitals’ cybersecurity efforts and penalties for non-compliance. Despite this, the complexity of implementing such standards, especially for smaller health entities, and the current political climate suggest no significant changes will occur soon.