HIT Consultant October 8, 2025
Kurt Markley, Managing Director, Americas at Apricorn

Data breaches and ransomware attacks have become a persistent and costly challenge in the healthcare sector. As the Change Healthcare ransomware attack shows us, these threats continue to escalate in frequency and sophistication. Organizations bound by HIPAA must reevaluate their approach to cybersecurity, especially when it comes to encryption.

In December 2024, the U.S. Department of Health and Human Services (HHS) proposed a significant update to the HIPAA Security Rule, part of which suggests a mandate requiring the encryption of electronic protected health information (ePHI) both at rest and in transit. While it’s still uncertain whether HHS leadership will move forward with finalizing the rule, healthcare organizations would be wise to act as if it’s already in place. Why? Because...

Today's Sponsors

Venturous
ZeOmega

Today's Sponsor

Venturous

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, HIPAA, Provider, Technology
Related Articles:
‘Complexity is where cyber risk tends to grow’
Researchers broke every AI defense they tested. Here are 7 questions to ask vendors.
Your Organization Isn’t Cyber Ready... It Just Thinks It Is
HHS-OIG Report Highlights Key HHS Cybersecurity Challenges
NIST is rethinking its role in analyzing software vulnerabilities

Share Article