After a spate of cyberattacks that diverted ambulances from US hospitals, the Department of Health and Human Services has unveiled plans to ramp up federal funding for ill-protected rural hospitals and impose stricter fines for lax security at health care providers.
The new HHS plan, shared exclusively with CNN on Wednesday, is a recognition that the status quo of hacks regularly disrupting health care in America is untenable, and that federal officials and hospital executives need to do much more to combat the problem.
“This is a really urgent threat,” HHS Deputy Secretary Andrea Palm told CNN, adding that there are rural hospitals and other cash-strapped facilities “that really need help investing” in technology and security practices “to help them keep up” the threat.
The release of the plan comes after a Thanksgiving Day ransomware attack on health care conglomerate Ardent Health Services forced hospitals from New Jersey to New Mexico to divert ambulances from emergency rooms. In the last nine months alone, other cyberattacks have resulted in ambulances being diverted from hospitals in Connecticut, Florida, Idaho and Pennsylvania.
The HHS plan focuses on getting more money and training to hospitals that still need to implement basic cybersecurity protections to keep hackers out of their systems. The department also says its willing to use a number of authorities, including imposing monetary fines, to both force and encourage health care organizations to better secure their systems. Key federal programs like Medicare and Medicaid will be used as vehicles for new cybersecurity requirements for hospitals, the plan says.
But many important details have yet to be ironed out. HHS officials say they need a significant increase in funding from Congress to implement the plan but declined to tell CNN how much it would cost. And the…
Read the full article here
