Updated HIPAA Regulations
The Department of Health and Human Services (HHS) has submitted updates to the HIPAA Security Rule, aiming to strengthen the security of electronically protected health information. These proposed changes are currently under review at the White House, signaling a pivotal step in addressing the growing cybersecurity challenges faced by the healthcare industry.
Healthcare organizations have increasingly become popular targets for cyber attacks. According to the Health and Human Services report, data shows a 93% increase in large breaches, with a staggering 278% increase in large breaches reported to OCR involving ransomware. This highlights the urgent need for enhanced safeguards as healthcare facilities, because their size, dependence on technology, and sensitive data, make them particularly vulnerable to cyberattacks.
To help healthcare organizations mitigate these risks, the HHS has outlined new Cybersecurity Performance Goals (CPGs). These goals are designed to assist HIPAA-regulated entities in adapting to the evolving cyber threat landscape and building a more resilient infrastructure. The Healthcare and Public Health (HPH) CPGs specifically address the most common cyberattack methods targeting U.S. hospitals, as outlined in the 2023 Hospital Cyber Resiliency Landscape Analysis.
Given the rising threats, it is crucial for healthcare organizations to act now by partnering with a cybersecurity agency like ByteTime. Taking proactive steps to strengthen your safeguards can help prevent costly breaches and protect sensitive patient data.