The recent cyberattack on Change Healthcare has served as a wake-up call for the healthcare industry. According to Booker, a former CISO at UnitedHealth Group, it underscores the importance of focusing on basic security measures like multifactor authentication and having assurance capabilities in place.
Calls for more healthcare organizations to tighten security
Authors of the HIMSS report are calling for more action, including regular cybersecurity briefings for boards of directors and the establishment of cybersecurity supply chain risk management programs. They also recommend adopting frameworks like NIST Cybersecurity Framework Version 2.0 and the US HHS’s voluntary cybersecurity performance goals.
Senator Ron Wyden has criticized the slow progress in healthcare cybersecurity regulations, emphasizing the urgent need for mandatory standards to protect patient information and access to care.
Healthcare security leaders are heeding these warnings and working to enhance their security measures in light of recent incidents. Benjamin Luthy from Champlain College Online emphasizes the importance of learning from such attacks to strengthen cybersecurity practices across the industry.