Hi All,
The Department's Office for Civil Rights seeks to update HIPAA Security Rule for the first time since 2013
Today, the U.S. Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), issued a proposed rule to improve cybersecurity and better protect the U.S health care system from a growing number of cyberattacks. The proposed rule would modify the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule to require health plans, health care clearinghouses (an organization that enables the exchange of health care data between a provider and a payer (insurance company)), and most health care providers, and their business associates, to strengthen cybersecurity protections for individuals' protected health information. This proposed rule is the latest step taken by OCR to address more frequent cyberattacks targeting the U.S. health care system, consistent with the HHS Healthcare and Public Health critical infrastructure sector Cybersecurity Performance Goals.
https://www.federalregister.gov/public-inspection/2024-30983/health-insurance-portability-and-accountability-act-security-rule-to-strengthen-the-cybersecurity-of
The above links to the unpublished document. It is scheduled to be published on 01/06/2025.
------------------------------
Michael Roza CPA, CISA, CIA, CC, CCSKv5, CCZTv1, MBA, EMBA, CSA
------------------------------