Health Care Client Alert: Dear New Year, Please Keep My Health Care Business from Breaches | Brouse McDowell | Ohio Law Firm
Menu
Insights

Attorney Search

Health Care Client Alert: Dear New Year, Please Keep My Health Care Business from Breaches

on January 3, 2022

Happy New Year! As we begin a new start, you may have a long list of business resolutions since health care businesses are juggling many mission-critical issues—even sans patient care needs. Cybersecurity should always be a top priority. A health care business without its diagnostic, medical records and clinical tools is nearly unusable.

Last week, the Secretary of Health and Human Services published a letter to Health Care and Public Health Leaders notifying them of a technical vulnerability in Apache Log4j, a computer software that logs the activity of many medical devices and hardware. The vulnerability creates a risk for that system and ultimately the network on which that system/device resides to be exfiltrated or hacked by attackers, including with ransomware.

The letter outlines the following steps and strongly recommends that health care operators follow the Cybersecurity & Infrastructure Security Agency’s (CISA) guidance in identifying and addressing this risk.

  • Implement the guidance provided by the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency’s (DHS CISA) for the Apache Log4j information, located at: Apache Log4j Vulnerability Guidance;
  • Review cybersecurity resources from HHS and (CISA);
  • Diligently monitor your networks, raise your cybersecurity awareness, and maintain readiness of your emergency operations procedures and continuity plans; and
  • Promptly report any cybersecurity incidents to CISA or the FBI.
If your business is attacked by ransomware or compromised by other breaches, contact one of our cybersecurity or health care attorneys at Brouse McDowell immediately as there are several critical action steps that must occur to promptly mitigate your situation, including facilitating communication with the FBI and/or CISA, your insurance carrier, and more. Finally, if your business does not have an incident response plan for situations such as these, we can assist you with developing such policies. A lack of breaches may not have been on your Christmas list last year but securing your network can be a successful New Year resolution

Share Article Via

Expand AllCollapse All
 
Akron Cleveland Sharon Toledo Youngstown
Contact Us eNews Sign Up
© Brouse McDowell, A Legal Professional Association.
© Brouse McDowell

Brouse McDowell, A Legal Professional Association.

eNews Sign Up
Site by Clockwork Design Group, Inc     Hosted on the FirmWise Platform
We use cookies on our website. To learn more about how we use cookies and how to change your cookies settings if you do not want cookies on your computer, please see our updated Privacy Statement. By continuing to use this site you consent to our use of cookies in accordance with our Privacy Statement.