cognitive cybersecurity intelligence

News and Analysis

Search

Navigating the SEC Cyber Incident Disclosure Rule, How It Impacts Healthcare

The Securities and Exchange Commission (SEC) finalized a rule in July 2023, effective from September 5, 2023, mandating publicly traded companies to promptly disclose cyber incidents. The rule standardizes breach disclosures, impacting public healthcare entities and vendors serving the healthcare sector. It requires reporting material cybersecurity incidents within four days, except when national security is at risk. Critics argue the tight timeline may lead to unclear or inaccurate disclosures. The rule also demands periodic disclosures on cyber risk management, aiding vendor assessment. Non-compliance may result in penalties, emphasizing the need for improved cybersecurity practices.

Source: healthitsecurity.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts