Propel Cyber Security Alert

cyber security

The Department of Health and Human Services (HHS) Publishes New HHS Cyber Security Guidelines – 5 Questions Answered

1. What was published?

The Department of Health and Human Services (HHS) posted on their website a four-volume document called “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients” that includes materials for different-sized organizations, and also various resources and templates.

2. Are healthcare and senior care companies required to follow the guidelines?

No. The guidelines are strictly optional.

3. Who is the intended audience for the guidelines?

The first volume is directed at executive decision makers, while the technical volumes are directed at IT staff.

4. Where can I find this publication?

The guidelines can be found here.

5. How does this affect insurance?

It will take time, but we expect underwriters at upcoming renewals for cyber insurance to start asking: “Does your company follow the new HHS cybersecurity guidelines?” We further expect that the answer to that question, positive or negative, will have an impact on cyber insurance quotes.

Please contact Propel Insurance with further questions.

 

Leave a Reply