Medical device hacking and demystifying federal cybersecurity policy

If you’re hungry for more info on the recently released federal cybersecurity policy for healthcare, this episode of Health Stealth Radio will hit the spot. Host Frank Cutitta, senior strategist with DHI/CHIME welcomes the CHIME Public Policy Team’s Mari Savickis and Chelsea Arnone, who provided insights into the policy and its implications.

“This is the government’s way of nudging us forward as an industry,” Savickis said, noting the release is considered sub-regulatory guidance, not law. “Several years ago … cybersecurity was not a priority for the healthcare sector, but … we’re making a lot of improvements and working together.”

In addition to the Cybersecurity Performance Goals (CPGs) outlined in the policy, other key topics included the challenges faced by healthcare providers in implementing cybersecurity measures, the lack of funding and resources, and the potential impact of the HIPAA Security Rule update. The Washington insiders also touched upon the Cybersecurity Information Sharing Act of 2015 (CISA), the medical device-targeted PATCH Act, and the upcoming CISA law, which mandates reporting of cyber incidents and ransomware payments. In addition to the PATCH Act, which is aimed at medical device vulnerabilities,

Listen to the full episode on cyber security policy here: