HIPAA Overhaul: Are Your Health Records More Secure or Just More Expensive?
The U.S. Department of Health and Human Services is proposing major changes to the HIPAA Security Rule. Think multifactor authentication, advanced encryption, and the joy of written incident response plans. With breaches up 102% in healthcare, it’s time to turn protected health information (PHI) into Fort Knox!

Hot Take:
Well, it looks like the Department of Health and Human Services (HHS) is giving the Health Insurance Portability and Accountability Act (HIPAA) a much-needed facelift. While HIPAA was busy celebrating its 20th birthday, the cyber villains were out there throwing a wild breach party, and boy, did they crash the healthcare scene! With the threat landscape looking more like a bad episode of a cyber-thriller, HHS decided it’s time to kick things up a notch or ten. It seems HHS plans to lock PHI tighter than a celebrity’s secret recipe, and they are not kidding around with their demands for better encryption and multifactor authentication. Grab the popcorn, folks; this is going to be a show!

Key Points:
- HHS is planning major changes to HIPAA to improve cybersecurity for PHI.
- Proposed updates include mandatory multifactor authentication and enhanced encryption.
- Organizations will need to maintain a written record of policies and procedures.
- Risk analysis and asset inventory processes will be more detailed and mandatory.
- Changes could cost around $9 billion initially, with $6 billion annually thereafter.