That's a very interesting question as well.
I have not heard of those kinds of updates. Everyone's thinking about this whole notion of a Q-day that will occur at one point, when all of our public key encryption systems will be disabled or compromised in some manner, but we haven't seen that timeline, or even a potential exploit yet. This is a very far-reaching cutting edge, but I don't see that there is a policy there.
I think that the evolution of health care information or information IT would parallel the financial systems quite closely. When you see the beginnings, just in the same way that public key encryption and SSL were incorporated for online banking.... I remember a time when you did not do online banking. You didn't have a smart phone. You would call a fax number. We transitioned to a point where that was safe to perform on a computer.
I can easily imagine that those same regulations that moved for finance will also very easily apply to health care. If there is a build-up of a quantum encrypted network or any similar standards or adoptions of certain algorithms or quantum resistance, those would all move in the same way.
I'd like to see from a government or regulator perspective right now.... Once we have some indication that potential exploits are going to occur—and that certain high-risk or critical industries and fields will be, first of all, categorized as high-risk—then the regulations are synchronized between them. I think other communication industries and the IT industry are really going to benefit from that, as well, and we can all learn from the various industries together.