• Home
  • Breach
  • Medical Group Management Association
Breach cyber

Medical Group Management Association

Jul 15, 2024 2 min read
Medical Group Management Association

The Medical Group Management Association (MGMA) has raised concerns over the proposed rule by the Cybersecurity and Infrastructure Security Agency (CISA) under the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA). MGMA highlights the challenges faced by medical groups, emphasizing the potential for burdensome and duplicative cyber incident reporting requirements that could hinder their operations, especially during significant cyberattacks. Considering existing HIPAA obligations, MGMA suggests collaboration between CISA and HHS to streamline reporting processes. Furthermore, MGMA expresses apprehension that the size-based threshold for reporting may adversely affect smaller medical practices. MGMA urges CISA to reconsider aspects of its proposed rule to reduce administrative load and financial implications for medical groups, emphasizing the need for a comprehensive cybersecurity infrastructure supported by adequate funding.

Source: https://www.hcinnovationgroup.com/cybersecurity/data-breaches/news/55093955/stakeholders-suggest-changes-to-cisas-cybersecurity-reporting-rule

TPRM report: https://scoringcyber.rankiteo.com/company/mgma

"id": "mgm617071524",
"linkid": "mgma",
"type": "Breach",
"date": "7/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Healthcare',
                        'name': 'Medical Group Management Association (MGMA)',
                        'type': 'Non-profit Organization'}],
 'description': 'The Medical Group Management Association (MGMA) has raised '
                'concerns over the proposed rule by the Cybersecurity and '
                'Infrastructure Security Agency (CISA) under the Cyber '
                'Incident Reporting for Critical Infrastructure Act (CIRCIA). '
                'MGMA highlights the challenges faced by medical groups, '
                'emphasizing the potential for burdensome and duplicative '
                'cyber incident reporting requirements that could hinder their '
                'operations, especially during significant cyberattacks. '
                'Considering existing HIPAA obligations, MGMA suggests '
                'collaboration between CISA and HHS to streamline reporting '
                'processes. Furthermore, MGMA expresses apprehension that the '
                'size-based threshold for reporting may adversely affect '
                'smaller medical practices. MGMA urges CISA to reconsider '
                'aspects of its proposed rule to reduce administrative load '
                'and financial implications for medical groups, emphasizing '
                'the need for a comprehensive cybersecurity infrastructure '
                'supported by adequate funding.',
 'recommendations': 'MGMA suggests collaboration between CISA and HHS to '
                    'streamline reporting processes. They also urge CISA to '
                    'reconsider aspects of its proposed rule to reduce '
                    'administrative load and financial implications for '
                    'medical groups, emphasizing the need for a comprehensive '
                    'cybersecurity infrastructure supported by adequate '
                    'funding.',
 'title': "MGMA Concerns Over CISA's Proposed Cyber Incident Reporting Rule",
 'type': 'Policy Concern'}
Published by
Jeremy C
Jeremy C
You might also like
Breach cyber

Helsinki

public 1 min read
A data breach affecting Helsinki, Finland’s capital and largest employer, exposed sensitive personal data of over 300,000 people.…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.