AHA comments on CIRCIA’s cyber incident reporting requirements 

Jul 02, 2024 - 03:01 PM
oig-fda-cybersecurity

The AHA July 2 submitted comments to the Cybersecurity and Infrastructure Security Agency on its proposed rule establishing reporting requirements for cybersecurity incidents under the Cyber Incident Reporting for Critical Infrastructure Act. The AHA called the requirements redundant to those from other federal agencies and that they add an unnecessary burden to hospitals while maintaining care through a cybersecurity incident. AHA urged CISA and other agencies to guarantee data anonymity across all federal agencies, and said applicability of the reporting rules are confusing, calling for them to be simplified due to compliance and operational burdens to hospitals in addition to privacy risks. AHA also expressed concern about the proposed rule’s penalties, calling them “vague and potentially severe,” and recommended that CISA revise the rule to incentivize collaboration instead.

Related News Articles

Headline
Cyberthreat actors using ChatGPT exploit to attack health care, other industries
A ChatGPT vulnerability identified last year is being used by cyberthreat actors to attack security flaws in artificial intelligence systems, according to a…
Headline
U.S. Attorney’s Office announces charges for LockBit ransomware developer
The U.S. Attorney’s Office for the District of New Jersey March 13 announced charges for Rostislav Panev, a dual Russian and Israeli national, for his alleged…
Headline
Advisory warns of Medusa ransomware activity 
A joint advisory released March 12 by the FBI, Cybersecurity and Infrastructure Security Agency, and the Multi-State Information Sharing and Analysis Center…
Headline
AHA podcast: Critical Condition — Cybersecurity in Rural Hospitals with Microsoft, Part 2
John Riggi, AHA national advisor for cybersecurity and risk, and Justin Spelhaug, corporate vice president and global head of Tech for Social Impact at…
Headline
AHA podcast: Critical Condition — Cybersecurity in Rural Hospitals with Microsoft, Part 1
John Riggi, AHA national advisor for cybersecurity and risk, and Justin Spelhaug, corporate vice president and global head of Tech for Social Impact at…
Headline
Silk Typhoon cyberthreat group targets IT supply chain
A Microsoft report published March 5 identified recent tactics by Silk Typhoon, a Chinese state-sponsored cyberthreat group known for extensive espionage…