On 15 January 2025, the European Commission published an action plan on the cybersecurity of hospitals and healthcare providers (the “Action Plan”). The Action Plan sets out a series of EU-level actions that are intended to better protect the healthcare sector from cyber threats. The publication of the Action Plan follows a number of high-profile incidents in recent years where healthcare providers across the European Union have been the target of cyber attacks.Continue Reading European Commission Publishes Action Plan on Cybersecurity of Hospitals and Healthcare Providers
healthcare
NHSX Consults on Draft Digital Health Technology Standard
On February 27, 2020 NHSX, the technology and digital unit of the NHS, published its draft Digital Health Technology Standard (the “Standard”) for consultation to stakeholders in the digital health space (the “Consultation”). The Consultation is open until 22 April, 2020 (and is available here).
The Standard, which is based on existing industry and health standards, is intended to streamline how digital health technologies are reviewed and commissioned by the NHS and social care.Continue Reading NHSX Consults on Draft Digital Health Technology Standard
Moving to the Cloud: Some Key Considerations for Healthcare Entities
Healthcare providers, health plans, and other entities are increasingly utilizing cloud services to collect, aggregate, store and process data. A recent report by IDC Health Insights suggests that 80 percent of healthcare data is expected to pass through the cloud by 2020. As a substantial amount of healthcare data comprises “personal information” or “protected health information” (PHI), federal and state privacy and security laws, including the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act, raise significant questions for healthcare providers and health plans utilizing the cloud in connection with such data. Such questions include whether HIPAA requirements extend to cloud providers, how and if entities storing health data on the cloud will be notified in case of a breach, and whether storage of data overseas by cloud providers triggers any additional obligations or concerns.
Continue Reading Moving to the Cloud: Some Key Considerations for Healthcare Entities