https:\/\/www.politico.com\/news\/2022\/08\/28\/hackers-have-laid-siege-to-u-s-health-care-and-a-tiny-hhs-agency-is-buckling-under-the-pressure-00053941<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"“the Department of Health and Human Services\u2019 Office for Civil Rights, which is tasked with investigating breaches, helping health care organizations bolster their defenses, and fining them for lax security, is poorly positioned to help. That\u2019s because it has a dual mission \u2014 both to enforce the federal health privacy law known as HIPAA and to help the organizations protect themselves \u2014 and Congress has given it few resources to do the job.
\n\u201cThey\u2019re a fish out of water \u2026 They were given the role of enforcement under HIPAA but weren\u2019t given the resources to support that role,\u201d said Mac McMillan, CEO of CynergisTek, a Texas firm that helps health care organizations improve their cybersecurity.<\/p>\n
Due to its shoestring budget, the Office for Civil Rights has fewer investigators than many local police departments, and its investigators have to deal with more than a hundred cases at a time. The office had a budget of $38 million in 2022 \u2014 the cost of about 20 MRI machines that can cost $1 million to $3 million a pop.<\/p>\n
Another problem is that the office relies on the cooperation of the victims, the institutions that hackers have targeted, to provide evidence of the crimes. Those victims may sometimes be reluctant to report breaches, since HHS could then accuse them of violating HIPAA and levy fines that come on top of costs stemming from the breach and the ransoms often demanded by the hackers.<\/p>\n
Depending on the circumstances, it can seem like blaming the victim, especially since the hackers are sometimes funded or directed by foreign governments. And it\u2019s raised questions about whether the U.S. government should be doing more to protect health organizations.”<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[13],"tags":[1336,167,456,73],"class_list":["post-9033","post","type-post","status-publish","format-standard","hentry","category-article-share","tag-department-of-health-and-human-services","tag-government","tag-hacking","tag-healthcare"],"_links":{"self":[{"href":"https:\/\/lonecandle.com\/index.php?rest_route=\/wp\/v2\/posts\/9033","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lonecandle.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lonecandle.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lonecandle.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lonecandle.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=9033"}],"version-history":[{"count":1,"href":"https:\/\/lonecandle.com\/index.php?rest_route=\/wp\/v2\/posts\/9033\/revisions"}],"predecessor-version":[{"id":9034,"href":"https:\/\/lonecandle.com\/index.php?rest_route=\/wp\/v2\/posts\/9033\/revisions\/9034"}],"wp:attachment":[{"href":"https:\/\/lonecandle.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=9033"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lonecandle.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=9033"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lonecandle.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=9033"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}