US President Joe Biden's administration has announced updates to existing rules aimed at strengthening cybersecurity for medical records amid a rise in healthcare data breaches, a government official said on Friday.
“In the last five years, there's been an alarming growth, 1,002 per cent, in the number of Americans affected by large breaches of healthcare information – over 167 million individuals in 2023 alone – being caused by hacking and ransomware,” said Anne Neuberger, deputy national security adviser for cyber and emerging technology.
Ms Neuberger said updates will mainly affect the Health Insurance Portability and Accountability Act (HIPAA), passed in 1996, which bolstered the security and privacy of medical records.
The act was passed long before ransomware was prevalent and the concept of health record digitisation was still in its infancy.
Ms Neuberger said the update “strengthens cyber security protections for electronic health information and adds new cybersecurity requirements, and adds additional clarity and specificity”.
She added: “One of the most concerning and really troubling things we deal with is hacking of hospitals and the hacking of healthcare data. We see hospitals forced to operate manually. We see Americans' sensitive healthcare data, sensitive mental health procedures, sensitive procedures, being leaked on the dark web with the opportunity to blackmail individuals with that.”
Earlier this year, UnitedHealth, one of the largest health insurance providers in the US, told shareholders that “unfavourable cyberattack effects” had potentially cost the company hundreds of millions of dollars.
According to the World Economic Forum’s 2023 Global Risks Report, widespread cyber crime and cyber insecurity were among the top 10 global risks in the short and long term, when ranked by 1,200 experts across academia, business, government and civil society.
Its Global Cybersecurity Outlook for this year warned that the fast-changing technology environment could leave more people than ever vulnerable to cyber crime. Ransomware, in particular, can be problematic for healthcare providers, who have occasionally seen crucial computer systems locked until a ransom is paid.
Ms Neuberger said the forthcoming updates to healthcare cybersecurity rules – the first since 2013 – will require companies to encrypt patient data, among other changes. “So if that data is hacked, it can't be leaked on the web and endanger individuals,” she said.
Salt Typhoon cyber attack
During the media briefing, Ms Neuberger also briefly addressed the continuing investigation into what has become known as the Salt Typhoon cyber breach, flagged by officials in early December. The US has accused China of sponsoring the attack that infiltrated US communications companies and potentially left American consumers vulnerable.
Initially, officials said eight US companies had been affected, but that number has since risen to nine.
Ms Neuberger said US companies need to enact critical infrastructure changes and update basic cybersecurity practices.
“What we've learnt from the investigation is that there's several categories of things that are needed in this space: better management of configuration, better vulnerability management of networks, better work across the telecom sector to share information when incidents occur,” she said.
Voluntary commitments by companies were inadequate, she said, and explained that the administration would be seeking bipartisan support from the Federal Communications Commission (FCC) to ensure compliance from telecoms companies.
Some of the changes, she said, would follow in the footsteps of regulations enacted by the UK and Australia.
“When I talked with our UK colleagues and I asked … 'Do you believe your regulations would have prevented the Salt Typhoon attack?' their comment to me was: 'We would have found it faster. We would have contained it faster.' It wouldn't have spread as widely and have had the impact and been as undiscovered for as long had those regulations been in place.”
Tips for SMEs to cope
- Adapt your business model. Make changes that are future-proof to the new normal
- Make sure you have an online presence
- Open communication with suppliers, especially if they are international. Look for local suppliers to avoid delivery delays
- Open communication with customers to see how they are coping and be flexible about extending terms, etc
Courtesy: Craig Moore, founder and CEO of Beehive, which provides term finance and working capital finance to SMEs. Only SMEs that have been trading for two years are eligible for funding from Beehive.
'The Batman'
Stars:Robert Pattinson
Director:Matt Reeves
Rating: 5/5
Ten tax points to be aware of in 2026
1. Domestic VAT refund amendments: request your refund within five years
If a business does not apply for the refund on time, they lose their credit.
2. E-invoicing in the UAE
Businesses should continue preparing for the implementation of e-invoicing in the UAE, with 2026 a preparation and transition period ahead of phased mandatory adoption.
3. More tax audits
Tax authorities are increasingly using data already available across multiple filings to identify audit risks.
4. More beneficial VAT and excise tax penalty regime
Tax disputes are expected to become more frequent and more structured, with clearer administrative objection and appeal processes. The UAE has adopted a new penalty regime for VAT and excise disputes, which now mirrors the penalty regime for corporate tax.
5. Greater emphasis on statutory audit
There is a greater need for the accuracy of financial statements. The International Financial Reporting Standards standards need to be strictly adhered to and, as a result, the quality of the audits will need to increase.
6. Further transfer pricing enforcement
Transfer pricing enforcement, which refers to the practice of establishing prices for internal transactions between related entities, is expected to broaden in scope. The UAE will shortly open the possibility to negotiate advance pricing agreements, or essentially rulings for transfer pricing purposes.
7. Limited time periods for audits
Recent amendments also introduce a default five-year limitation period for tax audits and assessments, subject to specific statutory exceptions. While the standard audit and assessment period is five years, this may be extended to up to 15 years in cases involving fraud or tax evasion.
8. Pillar 2 implementation
Many multinational groups will begin to feel the practical effect of the Domestic Minimum Top-Up Tax (DMTT), the UAE's implementation of the OECD’s global minimum tax under Pillar 2. While the rules apply for financial years starting on or after January 1, 2025, it is 2026 that marks the transition to an operational phase.
9. Reduced compliance obligations for imported goods and services
Businesses that apply the reverse-charge mechanism for VAT purposes in the UAE may benefit from reduced compliance obligations.
10. Substance and CbC reporting focus
Tax authorities are expected to continue strengthening the enforcement of economic substance and Country-by-Country (CbC) reporting frameworks. In the UAE, these regimes are increasingly being used as risk-assessment tools, providing tax authorities with a comprehensive view of multinational groups’ global footprints and enabling them to assess whether profits are aligned with real economic activity.
Contributed by Thomas Vanhee and Hend Rashwan, Aurifer
Lexus LX700h specs
Engine: 3.4-litre twin-turbo V6 plus supplementary electric motor
Power: 464hp at 5,200rpm
Torque: 790Nm from 2,000-3,600rpm
Transmission: 10-speed auto
Fuel consumption: 11.7L/100km
On sale: Now
Price: From Dh590,000
Everything Now
Arcade Fire
(Columbia Records)
Tomb%20Raider%20I%E2%80%93III%20Remastered
%3Cp%3EDeveloper%3A%20Aspyr%0D%3Cbr%3EPublisher%3A%20Aspyr%0D%3Cbr%3EConsole%3A%20Nintendo%20Switch%2C%20PlayStation%204%26amp%3B5%2C%20PC%20and%20Xbox%20series%20X%2FS%0D%3Cbr%3ERating%3A%203%2F5%3C%2Fp%3E%0A
Specs
Engine: 51.5kW electric motor
Range: 400km
Power: 134bhp
Torque: 175Nm
Price: From Dh98,800
Available: Now
Asian Cup 2019
Quarter-final
UAE v Australia, Friday, 8pm, Hazza bin Zayed Stadium, Al Ain
The specs
Engine: 1.5-litre turbo
Power: 181hp
Torque: 230Nm
Transmission: 6-speed automatic
Starting price: Dh79,000
On sale: Now
Company%20profile
%3Cp%3E%3Cstrong%3ECompany%20name%3A%3C%2Fstrong%3E%20Fasset%0D%3Cbr%3E%3Cstrong%3EStarted%3A%20%3C%2Fstrong%3E2019%0D%3Cbr%3E%3Cstrong%3EFounders%3A%3C%2Fstrong%3E%20Mohammad%20Raafi%20Hossain%2C%20Daniel%20Ahmed%0D%3Cbr%3E%3Cstrong%3EBased%3A%3C%2Fstrong%3E%20Dubai%0D%3Cbr%3E%3Cstrong%3ESector%3A%20%3C%2Fstrong%3EFinTech%0D%3Cbr%3E%3Cstrong%3EInitial%20investment%3A%3C%2Fstrong%3E%20%242.45%20million%0D%3Cbr%3E%3Cstrong%3ECurrent%20number%20of%20staff%3A%3C%2Fstrong%3E%2086%0D%3Cbr%3E%3Cstrong%3EInvestment%20stage%3A%3C%2Fstrong%3E%20Pre-series%20B%0D%3Cbr%3E%3Cstrong%3EInvestors%3A%3C%2Fstrong%3E%20Investcorp%2C%20Liberty%20City%20Ventures%2C%20Fatima%20Gobi%20Ventures%2C%20Primal%20Capital%2C%20Wealthwell%20Ventures%2C%20FHS%20Capital%2C%20VN2%20Capital%2C%20local%20family%20offices%3C%2Fp%3E%0A
Monster Hunter: World
Capcom
PlayStation 4, Xbox One
Leap of Faith
Michael J Mazarr
Public Affairs
Dh67
