The California Attorney General recently issued a guidance bulletin to healthcare providers reminding them of their compliance obligations under the state’s health data privacy laws and urging providers to take proactive steps to protect against cybersecurity threats. The guidance comes in response to growing alarm over a surge in cybercrime against hospitals and other health providers.
The guidance reminds providers to implement reasonable administrative, technical, and physical security measures to prevent and mitigate ransomware and other cybersecurity attacks. It also outlines the minimum preventative measures that California healthcare providers, specifically, should implement to protect their data systems from cyberattacks:
- keep all operating systems and software housing health data current with the latest security patches
- install and maintain virus protection software
- provide regular data security training for staff members that includes education on not clicking on suspicious web links and guarding against phishing emails
- restrict users from downloading, installing, and running unapproved software
- maintain and regularly test a data backup and recovery plan for all critical information to limit the impact of data or system loss in the event of a data security incident.