
Please do not leave this page until complete. This can take a few moments.
To bolster security for healthcare workers and patients, the U.S. Department of Health and Human Services has proposed updates to HIPAA regulations. The proposed adjustments come amid rising worries about the growing frequency and sophistication of cyberattacks that have compromised sensitive patient records and disrupted operations.
The draft HIPAA Security Rule has been released in the Federal Register for public input. A finalized rule is expected to be issued by year’s end. Covered entities will be given a 180-day window to comply.
One proposed change is the requirement for encrypting sensitive medical data. By mandating encryption for both data at rest and in motion, the HHS intends to minimize the risk of data breaches and unauthorized entry to patient data. Encryption is a crucial security measure to help protect patient confidentiality and shield healthcare providers from breaches.
Proposed changes also call for adopting multi-factor authentication to strengthen access controls and authentication procedures. At this point in our digital lives, MFA should be all too familiar and ubiquitous. Consumers should never hesitate to activate MFA in all online accounts. Asking for two forms of verification before accessing any private system is a no-brainer.
The proposed changes include the need for integrating more resilient firewalls, intrusion detection systems, and security information and event management software. The idea is simply to enhance the overall cybersecurity posture of healthcare entities and level up their game to better thwart security incidents.
While cybersecurity experts generally welcome the proposed changes as a positive step, there are worries about the practical execution of these new orders, particularly for smaller healthcare clinics. Retrofitting security controls from aged healthcare systems is a steep mountain to climb, necessitating substantial investments in technology, training, and trained staff.
Another challenge is the need for a cultural shift within healthcare organizations toward prioritizing cybersecurity and ingraining it into core operations. This involves fostering a supportive security culture, conducting routine cybersecurity awareness exercises for employees, and establishing policies and procedures for incident response and remediation.
By incentivizing cybersecurity measures, such as conducting regular risk assessments, penetration testing, and vulnerability preparedness, healthcare entities are likely to take a more responsible stance toward safeguarding patient data and mitigating cyber threats. We have found this to be true while observing the October merger of UMass Memorial Health with Milford Regional Medical Center.
The proposed changes to the HIPAA security rules represent a big effort by HHS to bolster patient privacy and data defenses. While the changes are a step in the right direction, there are concerns about the feasibility of implementation. Moving forward, it will be crucial for healthcare providers to prioritize cybersecurity, invest in the necessary resources, and nurture a culture of security awareness.
Stay connected! Every business day, WBJ Daily Report will be delivered to your inbox by noon. It provides a daily update of the area’s most important business news.
Sign upWorcester Business Journal provides the top coverage of news, trends, data, politics and personalities of the Central Mass business community. Get the news and information you need from the award-winning writers at WBJ. Don’t miss out - subscribe today.
SubscribeWorcester Business Journal presents a special commemorative edition celebrating the 300th anniversary of the city of Worcester. This landmark publication covers the city and region’s rich history of growth and innovation.
See Digital EditionStay connected! Every business day, WBJ Daily Report will be delivered to your inbox by noon. It provides a daily update of the area’s most important business news.
Worcester Business Journal provides the top coverage of news, trends, data, politics and personalities of the Central Mass business community. Get the news and information you need from the award-winning writers at WBJ. Don’t miss out - subscribe today.
Worcester Business Journal presents a special commemorative edition celebrating the 300th anniversary of the city of Worcester. This landmark publication covers the city and region’s rich history of growth and innovation.
In order to use this feature, we need some information from you. You can also login or register for a free account.
By clicking submit you are agreeing to our cookie usage and Privacy Policy
Already have an account? Login
Already have an account? Login
Want to create an account? Register
In order to use this feature, we need some information from you. You can also login or register for a free account.
By clicking submit you are agreeing to our cookie usage and Privacy Policy
Already have an account? Login
Already have an account? Login
Want to create an account? Register
This website uses cookies to ensure you get the best experience on our website. Our privacy policy
To ensure the best experience on our website, articles cannot be read without allowing cookies. Please allow cookies to continue reading. Our privacy policy
0 Comments