Pittsburg, PA

Tucker Arensberg, P.C.
Tucker Arensberg, P.C.
One PPG Place, Suite 1500
Pittsburgh, PA 15222
(412) 566-1212
(412) 594-5619
Directions to Pittsburgh

Harrisburg, PA

Tucker Arensberg, P.C.
Tucker Arensberg, P.C.
300 Corporate Center Drive, Suite 200
Camp Hill, PA 17011
(717) 234-4121
(717) 232-6802
Directions to Harrisburg

New York, NY

Tucker Arensberg, P.C.
Tucker Arensberg, P.C.
250 Park Avenue, Suite 1508, 7th Floor
New York, NY 10171
(212) 739-7910
(212) 739-9607
Directions to New York

Foster City, CA

Tucker Arensberg, P.C.
Tucker Arensberg, P.C.
1098 Foster City Boulevard, Suite 106 #700
Foster City, California 94404
(650)208-2701
Directions to Foster City

Widget Title

  • People
  • Practice Areas
  • News + Insights
    • News
    • Articles
    • Speaking
  • Office Locations
    • Pittsburgh
    • Harrisburg
    • New York
    • Foster City
  • About the Firm
    • Overview
    • Careers
    • Diversity
    • Women@Tucker
    • Affiliations
    • Pro Bono & Community

Title

  • Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar

Tucker Arensberg, P.C.Tucker Arensberg, P.C.

Attorneys in Pittsburgh, Harrisburg, New York City

  • People
  • Practice Areas
  • News + Insights
  • About Our Firm
  • COVID 19: Answers to Business Challenges
ShareBookmarkPDF

2022 Budget Bill Includes Mandatory Healthcare Cyber Incident Reporting

Articles, News April 4, 2022

Michael A. Cassidy, mcassidy@tuckerlaw.com, (412) 594-5515

The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), was passed as part of the consolidated Budget Act for 2022, which also included the telehealth provisions.

The definition of “covered entity” in the Act is far greater than covered entity as defined by HIPAA.  Covered entity as per CIRCIA includes all of the entities identified by presidential policy directives as “designated critical infrastructure sector” entities.

However, the recent Medicare Compliance Reporter indicates that this will require hospitals to report cyber breaches in 72 hours and ransom payments within 24 hours to DHS.

The legislation gives the Cybersecurity and Infrastructure Security Agency (CISA) at DHS 24 months to propose implementing regulations, which then must be finalized 18 months thereafter, so we are looking at a window of approximately 3 and a half years at this point.

For more information on this, contact Mike Cassidy at mcassidy@tuckerlaw.com. Visit our Med Law Blog here.

Primary Sidebar

2022 Budget Bill Includes Mandatory Healthcare Cyber Incident Reporting

Related

Topics

  • Cybersecurity
  • Health Care Law

Practice Areas

  • Healthcare
© 2023 All Rights Reserved|Tucker Arensberg, P.C.|Log in|Powered by Content Pilot
  • Sitemap
  • Disclaimer
  • Privacy Policy