The HIPAA Security Rule may soon undergo a big overhaul that would better defend healthcare data from cybersecurity threats – and require much more from covered entities when it comes to establishing and maintaining defenses. The Department of Health and Human Services (HHS) just published a proposed rule yesterday aimed at securing the confidentiality and integrity of electronic protected health information (ePHI) in response to growing breaches and cyberattacks against healthcare organizations. HIPAA-regulated entities can now submit public comments in response until March 7. With a new administration about to take over in D.C., what can covered entities expect from a finalized rule? This Insight will provide a review of the most significant changes proposed and offer a suggested gameplan as we await finalization.
Why is This Update Needed?
HHS is proposing this update to the HIPAA Security Rule in response to the significant increase in cyberattacks in the healthcare sector.
- Modern healthcare operations heavily rely on interconnected digital tools for activities like appointment scheduling, telehealth services, patient records management, and claims…
