Medical Group Management Association
The Medical Group Management Association (MGMA) has raised concerns over the proposed rule by the Cybersecurity and Infrastructure Security Agency (CISA) under the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA). MGMA highlights the challenges faced by medical groups, emphasizing the potential for burdensome and duplicative cyber incident reporting requirements that could hinder their operations, especially during significant cyberattacks. Considering existing HIPAA obligations, MGMA suggests collaboration between CISA and HHS to streamline reporting processes. Furthermore, MGMA expresses apprehension that the size-based threshold for reporting may adversely affect smaller medical practices. MGMA urges CISA to reconsider aspects of its proposed rule to reduce administrative load and financial implications for medical groups, emphasizing the need for a comprehensive cybersecurity infrastructure supported by adequate funding.
"id": "mgm617071524",
"linkid": "mgma",
"type": "Breach",
"date": "7/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"