On November 13, the Governor unveiled new cyber regulations for state hospitals. The Governor’s FY24 budget includes $500 million in funding that health care facilities may apply to upgrade their systems in order to comply. 

According to the release which can be read here states:

“The proposed regulations aim to strengthen the protections on hospital networks and systems that are critical to providing patient care, as a complement to the Health Insurance Portability and Accountability Act (HIPAA) Security Rule that focuses on protecting patient data and health records. Under the proposed provisions, hospitals will be required to establish a cybersecurity program and take proven steps to assess internal and external cybersecurity risks, use defensive techniques and infrastructure, implement measures to protect their information systems from unauthorized access or other malicious acts, and take actions to prevent cybersecurity events before they happen.”

Lanton Law with offices in Boston and Washington D.C. is a national boutique law and government affairs firm that closely monitors legislative, regulatory and legal developments in the healthcare and technology spaces.

Contact us to learn about how either our legal or lobbying services can help you attain your goals.

The FDA has just released a new cybersecurity draft titled “Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions; Draft Guidance for Industry and Food and Drug Administration Staff; Availability.” The draft guidance can be viewed here. Comments are due July 7, 2022. 

What is the FDA proposing? 

In 2018, the FDA proposed updates to the final guidance, ‘‘Content of Premarket Submissions for Management of Cybersecurity in Medical Devices,’’ and issued a draft guidance of the same name.”

This draft guidance replaces the aforementioned 2018 guidance and is “intended to further emphasize the importance of ensuring that devices are designed securely, are designed to be capable of mitigating emerging cybersecurity risks throughout the Total Product Life Cycle, and to clearly outline FDA’s recommendations for premarket submission content to address cybersecurity concerns.” 

Why is the FDA doing this? 

According to the draft guidance as “more medical devices are becoming interconnected, cybersecurity threats have become more numerous, more frequent, more severe, and more clinically impactful. As a result, ensuring medical device safety and effectiveness includes adequate medical device cybersecurity, as well as its security as part of the larger system.”

How Lanton Law can help

Society’s reliance on technology has become even more vital with the effects of COVID-19. With all of the hacking and malware attacks we have witnessed against various data stakeholders, we foresee cybersecurity as a major legal & policy area that will continue to be expanded.   

Lanton Law is a national boutique law and lobbying firm that focuses on technology and healthcare. If you are a tech or healthIT industry stakeholder with questions about the current landscape or if you would like to discuss how your organization’s strategic initiatives might be impacted by either Congress, regulatory agencies or legal decisions, contact us today.

In the wake of the Colonial Pipeline attack, President Biden has signed the Executive Order on Improving the Nation's Cybersecurity. The EO has a number of provisions including: 

• Establishes a “Cybersecurity Safety Review Board” comprising public- and private-sector officials, which can convene after cyber attacks to analyze the situation and make recommendations.

• Requires IT service providers to tell the government about cybersecurity breaches that could impact U.S. networks, and removes certain contractual barriers that might stop providers from flagging breaches.

• Plans for enhancing software supply chain security 

This comes amid an increase in cyber attacks on private healthcare and technology companies as well as the federal government. 

Ransomware attacks are becoming a bigger threat and being prepared from a compliance and risk management standpoint is becoming more crucial. Having appropriate cyber policies in place is one step.  We have other solutions. 

Lanton Law is a national boutique law and lobbying firm that focuses on technology and healthcare. If you are an industry stakeholder with questions about the current landscape or if you would like to discuss how your organization’s strategic initiatives might be impacted by either Congress, regulatory agencies or legal decisions, contact us today.

The President’s request for fiscal year 2022 discretionary funding has been released. Below are a few mentions for cybersecurity:  

• To support agencies as they modernize, strengthen, and secure antiquated information systems and bolster Federal cybersecurity the discretionary equest recommends $500 million for the Technology Modernization Fund, an additional $110 million for the Cybersecurity and Infrastructure Security Agency, and $750 million as a reserve for Federal agency information technology enhancements.  

With increased hacking and ransomware attacks, cybersecurity is going to be more front and center for both policy and legal discussions. For example in this request by the Administration, the attack on SolarWinds Corp. and Microsoft Exchange’s email servers were expressly mentioned. For stakeholders that traffic in data, cybersecurity policies are essential. Ensuring compliance with federal and state requirements are key and we can help. 

Lanton Law is a national boutique law and lobbying firm that focuses on technology and healthcare. If you are an industry stakeholder with questions about the current landscape or if you would like to discuss how your organization’s strategic initiatives might be impacted by either Congress, regulatory agencies or legal decisions, contact us today. 

Senator Markey (D-MA) and Congressman Lieu (D-CA) have reintroduced the Cyber Shield Act. The proposed legislation will create a voluntary program to identify and promote internet-connected products that meet industry-leading cybersecurity and data security standards, guidelines, best practices, methodologies, procedures, and processes, and for other purposes. 

According to the legislators’ press release, the proposal will specifically establish an advisory committee of cybersecurity experts from academia, industry, consumer groups, government, and the public to create cybersecurity benchmarks for IoT devices – such as baby monitors, home assistants, smart locks, cameras, cell phones, and laptops. IoT manufacturers can then voluntarily certify that their products meet those cybersecurity benchmarks, and display this certification to the public with a “Cyber Shield” label that will help consumers identify and purchase more secure technology for their homes.”

The bill can be viewed here. 

Our reliance on technology has become even more vital with the effects of COVID-19. With all of the hacking and malware attacks we have witnessed against various data stakeholders, we foresee cybersecurity as a major policy area that will continue to be expanded.   

Lanton Law is a national boutique law andlobbying firm that focuses on technology and Health IT.If you are an industry stakeholder with questions about the current landscape or if you would like to discuss how your organization’s strategic initiatives might be impacted by either Congress, regulatory agencies or legal decisions,contact us today.