US To Hospitals: Meet Security Standards Or No Federal Money
Arthur T Knackerbracket has processed the following story:
US hospitals will be required to meet basic cybersecurity standards before receiving federal funding, according to rules the White House is expected to propose in the next few weeks.
This comes as hospitals and health clinics nationwide continue to be menaced by ransomware, and cybercrims resort to diabolical tactics to make victims pay up.
The Centers for Medicare and Medicaid Services (CMS), an arm of the US Department of Health and Human Services, is reportedly drawing up rules connecting hospital IT security with funding, which are set to take effect before the end of the year.
Citing an unnamed government official, this Messenger report says the proposed rules will focus on "those key cybersecurity practices that we really do believe bring a meaningful impact." And federal funding will hinge on hospitals enacting these basic network defenses.
[...] And while no one is going to argue against improving hospitals' security posture, cutting off their funding may not help the situation, according to some.
"Denying funding to hospitals doesn't seem like the best way to help them improve their security," Emsisoft Threat Analyst Brett Callow told The Register. "In fact, it may do the exact opposite."
Read more of this story at SoylentNews.