The Securities and Exchange Commission (SEC) finalized a rule in July 2023, effective from September 5, 2023, mandating publicly traded companies to promptly disclose cyber incidents. The rule standardizes breach disclosures, impacting public healthcare entities and vendors serving the healthcare sector. It requires reporting material cybersecurity incidents within four days, except when national security is at risk. Critics argue the tight timeline may lead to unclear or inaccurate disclosures. The rule also demands periodic disclosures on cyber risk management, aiding vendor assessment. Non-compliance may result in penalties, emphasizing the need for improved cybersecurity practices.
Q&A: Nutanix IT Leader on Adopting AI and Hosting EHRs and Healthcare Data Management in the Cloud
Healthcare organizations are adopting unified platforms like hybrid multicloud to enhance patient care and streamline operations. These platforms help balance security, flexibility, and data mobility.