Recent mega data breaches, like the Change Healthcare cyberattack, are highlighting the importance of managing security risks associated with third-party vendors. Regulatory attorney Rachel Rose emphasizes the need for organizations to conduct due diligence and understand their obligations under federal regulations like HIPAA and the HITECH Act. Cybercriminals target entities with numerous connections, emphasizing the need for strong compliance and security measures in place
Rose also discusses considerations for healthcare organizations with online tracking tools, complying with HHS regulations, and potential shifts in HIPAA enforcement focus based on the U.S. presidential election outcome. She underlines the significance of ensuring that business associate agreements are truthful to mitigate risks in post-breach scenarios. https://www.bankinfosecurity.com/interviews/how-mega-attacks-are-spotlighting-critical-3rd-party-risks-i-5418