HealthTech December 30, 2019
Outdated technical terms and some vague definitions and procedures must be amended to address a threat-heavy landscape.
When the HIPAA Security Rule was first proposed in 1998, internet speeds would be considered lethargic by today’s standards — and medical records were in paper format.
A lot has changed in the decades since, except for the Security Rule.
Finalized in 2003, the rule establishes national standards for administrative, physical and technical safeguards that ensure the confidentiality and safety of electronic protected health information.
But I’m surprised to find that many people who talk about HIPAA compliance have never read the rule. Otherwise, they would know that a number of modern concerns go unaddressed.
Key words such as cyberattack, email, ransomware, phishing,...