The COVID-19 pandemic has changed all manner of business procedures over the course of this past year, but one area you may not immediately recognize that needs to be immediately addressed relates to mandatory privacy notifications under California state law – perhaps even if you don’t have employees in the state. If you have not yet adjusted your business practices as it relates to COVID-19, you need to add this important assignment to your end-of-the-year to-do list.
Several federal agencies have teamed up to warn healthcare employers of the increased threat they face as a result of malicious cybercriminals aiming to take advantage of the pandemic to wreak havoc on their operations. The Cybersecurity and Infrastructure Agency, the Federal Bureau of Investigation, and the Department of Health and Human Services recently issued a joint advisory based on “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.” The October 28 Advisory warns that malicious cyberactors are targeting this sector with malware, which can lead to ransomware attacks, data theft, and a disruption of healthcare services. What do healthcare employers need to know about this danger and what can be done to prevent such an attack?