ViVE 2024 Offers a Preview of the Current State of Cybersecurity in Healthcare

The surge in harmful data breaches at hospitals has raised concerns for the U.S. healthcare system.

Between 2018 and 2022, there has been a 93% increase in major breaches reported to the Department of Health and Human Services' Office for Civil Rights (OCR), from 369 to 712. Of particular concern is the 278% increase in significant breaches involving ransomware, as revealed by data from the Department of Health and Human Services' Office for Civil Rights. To address the growing threat of these cyberattacks and the potential risks to patient care, the Department of Health and Human Services has introduced voluntary healthcare-specific cybersecurity performance goals (CPGs) along with a new gateway website.

These initiatives aim to assist healthcare and public health sector organizations in implementing effective cybersecurity practices and accessing the vast cybersecurity resources offered by HHS and other federal partners. The CPGs consist of 10 essential goals and 10 enhanced goals, including measures to mitigate vulnerabilities, reduce email-based threats, implement multi-factor authentication, provide cybersecurity training, deploy encryption, and more. These goals are crucial for enhancing the overall cybersecurity posture of healthcare organizations.

In response to these cybersecurity challenges, Mari Savickis, Vice President of Public Policy at CHIME, will moderate a panel discussion at the Cybersecurity Pavilion during the ViVE 2024 event in Los Angeles. She anticipates significant developments in cybersecurity this year, including potential updates to the HIPAA Security Rule and the integration of CPGs into regulatory requirements. During the panel discussion, members of the Health Sector Coordinating Council's Cybersecurity Working Group will make a significant announcement aimed at improving the cybersecurity posture of the health sector through collaborative efforts.

This initiative is led by industry leaders such as Greg Garcia, Erik Decker, and Chris Tyberg. Various sessions at the Cyber Pavilion during ViVE 2024 will delve into topics such as bridging the gap between cybersecurity and healthcare, the future of healthcare cybersecurity by 2029, insights into cyber adversaries utilizing AI, and resources for improving cybersecurity in healthcare boards. These sessions will provide valuable insights and strategies for healthcare professionals to enhance their cybersecurity defenses and address the evolving challenges posed by cyber threats.

Overall, the healthcare sector is increasingly vulnerable to cyberattacks, emphasizing the critical need for robust cybersecurity measures and collaborative efforts to safeguard patient data and ensure the resilience of healthcare systems against cyber threats.