Near the end of 2024, the U.S. Department of Health and Human Services announced its intention to update the HIPAA Security Rule to improve cybersecurity protections around electronic protected health information.
The comment period closed March 7, but there’s still uncertainty about whether anything will move forward under the new administration. This has healthcare organizations re-evaluating their cybersecurity strategies, especially amid ongoing threats and vulnerabilities that continue to challenge them daily.
There could also be more changes on the state level. New York, for instance, enacted new healthcare cybersecurity requirements in October 2024.
While the federal government has offered some guidelines and resources to address healthcare cybersecurity, increased scrutiny after recent cyber events that disrupted operations across a wide swath of organizations could mean more standardization across the industry.
Click the banner below to learn why cyber resilience is essential to healthcare success.
Nelson Carreira