Health Cybersecurity Guide Could Redefine 'Reasonable'
The U.S. Department of Health and Human Services (HHS) released a new four-volume guide on Dec. 28, 2018, on voluntary cybersecurity standards aimed at providing best practices to healthcare organizations of all types and sizes.
The publication was produced in collaboration with the private sector and lays out the top five cyber threats facing the industry, offering ways to help reduce these risks and urging stakeholders to immediately take protective and preventative measures to boost their companies' data privacy and security. It is likely to officially set a new "reasonable security" model to influence private litigation and more formal policymaking efforts, according to attorneys like Shannon Hartsfield.
"I see this as a belated holiday present to the healthcare sector," Ms. Hartsfield told Law360. "Instead of issuing brand new rules, from what I've seen, these documents provide useful, easy to read guidance and suggestions for examining an organization's cybersecurity practices."
READ: Health Cybersecurity Guide Could Redefine 'Reasonable' (Subscription required)