According to a recent update from Politico, the Department of Health and Human Services’ Office for Civil Rights (OCR) is facing an overflowing caseload of ransomware incidents and other healthcare cybersecurity threats.
Melanie Fontes Rainer, OCR acting director, states that investigators are “under incredible resource constraints and incredibly overworked.”
Keep reading to learn more about OCR’s challenges and proposed next steps. Plus, find out how HIPAA compliant email can help covered entities stay one step ahead.
Why the OCR budget matters to healthcare
The black market values protected health information (PHI) more than other types of personal information. That’s why cyberattacks are common in the healthcare industry.
Ransomware strikes these organizations especially hard since disruptions in care can put patients’ lives in danger. Therefore, they are more likely to comply with ransom demands.
As this threat grows, the OCR cannot provide the support needed to assist healthcare organizations. This is primarily due to inadequate funding and resources provided by Congress.
Because the OCR has a limited budget, it has a smaller investigation team than many local police departments. Consequently, investigators must handle more than 100 cases simultaneously.
Possible solutions on the horizon
In order to address this concern, the Biden administration has requested a 60 percent budget increase in 2023. As a result, the OCR would be able to hire 37 new investigators.
In addition to balancing the agency’s workload, additional resources will give the agency more opportunities to provide guidance.
Additionally, OCR officials believe implementing higher fines will boost enforcement and encourage healthcare organizations to comply with HIPAA requirements.
Healthcare cybersecurity advocates point to other solutions to reduce risks. Investing in better defense systems and workforce development is part of this strategy.
AHA‘s national adviser for cybersecurity and risk, John Riggi, has called for federal support to train staff to improve security. And Intermountain Healthcare‘s chief information security officer urges the Centers for Medicare & Medicaid Services to develop payment models that directly fund cybersecurity programs.
Secured email is secured healthcare
Covered entities can avoid falling victim to ransomware and other security threats by putting the right protections in place from the start. And with email serving as a leading threat vector for cybercrime, a stronger email security strategy is a must. That’s where a HIPAA compliant email provider comes in.
Designed to integrate with your existing email platform, Paubox Email Suite enables HIPAA compliant email by default to ensure automatic compliance with HIPAA email rules.
This means you don’t have to spend time deciding which emails to encrypt and your patients are able to receive your messages right in their inbox—no additional passwords or portals necessary.
In addition to healthcare email encryption, Paubox Email Suite’s Plus and Premium plan levels include robust inbound email security tools that block ransomware and other attacks from even reaching the inbox in the first place.
Our patent-pending Zero Trust Email feature uses email AI to confirm that an email is legitimate. Additionally, our patented ExecProtect solution quickly intercepts display name spoofing attempts.
Are you in healthcare and concerned about digital security?
Paubox technology is HITRUST CSF certified, patented and provides the most advanced HIPAA compliant email solutions available. Paubox solutions are designed to be effortlessly easy to implement and use.
In fact, Paubox is securing 70,000,000 HIPAA compliant emails each month for over 4,000 healthcare customers and has a 4.9/5 G2 rating.
Whether you are a large hospital or a standalone clinic, Paubox has the right email product to keep your data, organization and patients safe.