California Attorney General Rob Bonta is calling on hospitals to comply with state cyberattack reporting laws because there are several unreported ransomware attacks, according to a Sept. 3 StateScoop report.
Four things to know:
- Mr. Bonta said in an Aug. 24 news release he issued the guidance because there are "multiple unreported ransomware attacks against California healthcare facilities."
- The bulletin said the effects of a data breach last much longer than the initial breach. Notifying patients in a timely manner allows them to mitigate the potential losses from the fraudulent use of the protected health information that hackers obtain in cyberattacks. He said healthcare providers need to meet their data breach notification requirements to protect the public.
- "Entities entrusted with private and deeply personal data, like hospitals and other healthcare providers, must secure information against evolving threats," Mr. Bonta said in the news release. "California law mandates that data breaches impacting more than 500 of our residents be reported to the California Department of Justice. In addition, I implore all entities that house confidential health-related information to be vigilant and take steps now to protect patient data, before a potential cyberattack."
- The bulletin was sent to associations that represent California hospitals, physicians and dentists. It also urged the healthcare providers to patch their operating systems regularly, install antivirus software, maintain data backups and have data breach response plans.