Compliance Management

NIST is seeking industry feedback on its updated healthcare cybersecurity insights, which have a renewed focus on HIPAA implementations. Meanwhile, the Cloud Security Alliance unveiled a third-party risk guide for healthcare.

The Proactive Cyber Initiatives Act of 2022, introduced by Rep. Eric Swalwell, D-Calif., would insert language into federal law that explicitly puts the Office of the National Cyber Director in charge of “deconflicting overlapping jurisdictions between agencies regarding cybersecurity activities and authority to mitigate risks.”

CyberScoop reports that the White House is poised to release a new cybersecurity strategy aimed at strengthening the U.S. digital infrastructure's defenses through increased industry action.

BJC Healthcare has agreed to settle with the 287,873 patients involved in a 2020 healthcare data breach, which would require the provider to implement MFA for email access.

The Department of Health and Human Services' Office of Civil Rights settled 11 more possible HIPAA right of access violations, including a civil monetary penalty levied against ACPM in Illinois for failing to provide a patient access or respond to OCR.

The House passed the Quantum Computing Cybersecurity Preparedness Act, which would press agencies to identify specific systems and devices for the transition and require the executive branch to provide regular updates to Congress.

The prospect of offering financial and payments services to cannabis sales businesses appears as both a rare greenfield opportunity for banks and credit unions, and also a potential risk management landmine.