The article discusses the rise in cybersecurity incidents and attacks experienced by the health care industry since the emergence of COVID-19. While the types of cyber threats health care organizations have encountered during the COVID-19 pandemic are not wholly original, factors including the rapid shift to remote work, the expansion of telehealth and the strain on resources experienced by many organizations, have combined to create new security vulnerabilities and challenges. While governmental authorities have (temporarily) waived various regulatory standards and eased enforcement for certain privacy, security and breach notification requirements during the public health emergency, malicious cyber actors cannot be expected to show similar restraint. Examining threats such as ransomware, phishing and password spraying, the article includes tips for better cyber health.
This article also was featured in Katten's Health Care Law Perspectives.