HHS Office for Civil Rights struggling to keep up with cyberattacks

Cyberattacks are rising fast in the healthcare space, and the federal office tasked with dealing with these breaches is completely overwhelmed.

That’s according to a recent report from Politico, which found the Department of Health and Human Services (HHS) Office for Civil Rights is overflowing with cyberattack cases, where criminals are stealing the health information of millions. The office, which Politico described as “tiny,” is responsible for investigating breaches, helping healthcare organizations boost their defenses against cyberattack and dole out fines for security lapses. The office’s duty is to enforce both the HIPAA privacy law and help organizations better protect themselves.

Unfortunately, the Office for Civil Rights doesn’t have much of a budget to accomplish these tasks, according to Politico. With a budget of just $38 million in 2022, the office has fewer investigations than some police departments, while investigators have caseloads of over 100. Plus, investigators rely on the cooperation from victims, which are sometimes reluctant to report breaches.

The healthcare sector is a huge target for cyber criminals seeking personal information, and the industry is particularly vulnerable to ransomware. HHS recently warned that electronic health records are vulnerable to hackers, with their information being extremely valuable to criminals. Last year, hackers gained access to the health records of nearly 50 million people. On average, data breaches cost healthcare organizations $10 million, according to a recent study from IBM. 

See the full story below:

 

Amy Baxter

Amy joined TriMed Media as a Senior Writer for HealthExec after covering home care for three years. When not writing about all things healthcare, she fulfills her lifelong dream of becoming a pirate by sailing in regattas and enjoying rum. Fun fact: she sailed 333 miles across Lake Michigan in the Chicago Yacht Club "Race to Mackinac."

Around the web

As debate simmers over how best to regulate AI, experts continue to offer guidance on where to start, how to proceed and what to emphasize. A new resource models its recommendations on what its authors call the “SETO Loop.”

FDA Commissioner Robert Califf, MD, said the clinical community needs to combat health misinformation at a grassroots level. He warned that patients are immersed in a "sea of misinformation without a compass."

With generative AI coming into its own, AI regulators must avoid relying too much on principles of risk management—and not enough on those of uncertainty management.

Trimed Popup
Trimed Popup