After a 14-month investigation into the 2017 Equifax data breach, which was one the largest in U.S. history, the House Oversight and Government Reform Committee released a report in December.
Tag: cybersecurity
New Handbook Provides Guidance to Healthcare Delivery Organizations on Preparation and Response to Medical Device Cybersecurity Incidents
Recently, the MITRE Corporation, in collaboration with the U.S. Food and Drug Administration (FDA), announced the release of the Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook. The Playbook was designed to provide “tools, references, and resources” for Healthcare Delivery Organizations (HDOs) to better prepare for and respond to medical device cybersecurity incidents.
Cybersecurity Responsibilities of a Plan Sponsor
Plan sponsors of retirement plans handle a lot personal participant data, but many are unaware of their fiduciary duties in the context of cybersecurity. If a retirement plan suffers a cyberattack, plan assets could be diverted and misused. Under the Employee Retirement Income Security Act (ERISA), the plan sponsor could be held liable for a fiduciary breach for failure to satisfy a duty of loyalty and to act prudently.
Continue reading “Cybersecurity Responsibilities of a Plan Sponsor”
Digital Medicine: Health Care Providers’ Side of the Story
Health care technology, particularly digital medicine, promises great new capabilities that will improve outcomes and reduce overall costs and time constraints. Digital medicine encompasses a broad-range of technologies, from technologies used to record, retain, and manipulate health data (i.e., Electronic Health Records aka., EHRs) and thereby make it more useable and amenable to analysis; to actual tools in clinical care (i.e., medical imaging, wearable sensors) that can measure physiological parameters or patient activity and facilitate clinical care and decision-making.
Continue reading “Digital Medicine: Health Care Providers’ Side of the Story”
Federal IT Modernization Report Recommendations
This post is part of a continuing DBR on Data series on Executive Order 13800 and updates on its implementation a year after passage.
Strengthening federal information technology (IT) has been one of the priorities of the current administration, as outlined in the May 2017 Executive Order 13800. As summarized in our previous blog, the Director of the American Technology Council (ATC) was tasked, among other things, to coordinate the preparation of a report to the president regarding modernization of federal IT infrastructure. The draft report was made available for public comment in August, and finalized in December 2017. The final report’s implementation clock started on January 1, 2018.
Continue reading “Federal IT Modernization Report Recommendations”
OMB Releases Report on Federal Cybersecurity Risk
This is the first post in a DBR on Data series on Executive Order 13800 and updates on its implementation a year after passage.
The White House Office of Management and Budget (OMB) released in May 2018 its report to the president on federal cybersecurity risk determination. The report, which responds to the President’s May 2017 Executive Order 13800, entitled “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure,” comes as several key reports also required by Executive Order 13800 have been recently released in full or in summary form. The Federal Cybersecurity Risk Determination Report and Action Plan concludes that the recent government-wide cybersecurity risk assessment conducted by the OMB, in collaboration with the Department of Homeland Security (DHS), confirms the need for the U.S. government to take “bold approaches” to improve federal cybersecurity.
Continue reading “OMB Releases Report on Federal Cybersecurity Risk”