View attachment 34582
In order to improve the level of protection afforded to patient information, the Office for Civil Rights of the Department of Health and Human Services suggested new HIPAA regulations.
In order to bring healthcare institutions up to speed with contemporary cybersecurity practices, the Office for Civil Rights of the United States Department of Health and Human Services (HHS) has recommended a series of additional criteria. The requirements for multifactor authentication, data encryption, and routine scans for vulnerabilities and breaches are included in the proposal, which was published in the Federal Register on Friday. It would also make the deployment of anti-malware protection essential for systems that handle sensitive information, in addition to the adoption of network segmentation, the creation of separate controls for data backup and recovery, and annual audits to check for compliance.The Health and Human Services Department also distributed a fact sheet that provided an overview of the plan, which would bring the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule up to date. A period of public feedback lasting sixty days is anticipated to begin very soon. Anne Neuberger, the United States' deputy national security advisor for cyber and emerging technology, stated during a press briefing that the plan would cost $9 billion to implement in the first year, and $6 billion over the ensuing four years, according to Reuters. A significant rise in the number of breaches on a wide scale over the course of the last few years is the impetus behind the idea. A number of significant cyberattacks have been launched against the healthcare sector in the course of this year alone. These attacks have included hacking into the networks of Ascension and UnitedHealth, which have resulted in interruptions at hospitals, doctor's offices, and pharmacies.
The Office for Civil Rights says that between the years 2018 and 2023, there was a 102 percent increase in the number of reports of significant breaches, and the number of individuals affected by such breaches climbed by 1002 percent. This increase was mostly due to an increase in the number of computer hacking and ransomware assaults. Big data breaches affected more than 167 million people in 2023, setting a new record for the number of people affected.
