As cyber threats evolve, legal provisions like the Health Insurance Portability and Accountability Act (HIPAA) may not be sufficient to protect healthcare data. Proposed legislation, including the Healthcare Cybersecurity Act and the Health Infrastructure Security and Accountability Act (HISAA), could strengthen protections. However, these fail to address non-traditional health data like fitness tracker information. A more comprehensive approach is required, encompassing consumer health data and collaboration between tech and healthcare companies, as well as robust leadership from CISOs.

The NHS needs to tighten its third-party supplier cybersecurity
The NHS should proactively fortify cybersecurity within its third-party software suppliers following recent damaging ransomware attacks, says Jonathan Lee from Trend Micro. He suggests implementing