Policy & Medicine March 2, 2025
Thomas Sullivan

The U.S. Department of Health and Human Services (HHS) wants to update the HIPAA security rule for the first time in more than a decade to bolster healthcare cybersecurity. On January 6, the Office for Civil Rights (OCR), which enforces HIPAA, proposed changes to the regulation that aims to clarify and offer more specific instruction on securing electronic health data. The update would also require organizations and their business associates to keep security policies in writing, as well as review, test and update them on a regular basis. The proposal comes as the healthcare sector has weathered a growing wave of cyberattacks and data breaches.

More on Proposed Rule

Currently, the HIPAA Security Rule distinguishes between “required” and “addressable” implementation...

Today's Sponsors

Venturous
Got healthcare questions? Just ask Transcarent

Today's Sponsor

Venturous

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health System / Hospital, HHS, HIPAA, Provider, Technology
Related Articles:
Pivot: Discussing the Impact of a Proposed HIPAA Security Update
Always Listening, Always Leaking?
Ensuring HIPAA Compliance in Telehealth Sessions
Navigating the 2024 proposed HIPAA security rule amendments
Proposed HIPAA Security Rule Requires AI Governance

Share This Article