An HHS proposal to require hospitals and other healthcare facilities to scale up their patient data security infrastructure is drawing criticism over concerns that it could cost billions to implement.
The US Department of Health and Human Services may soon finalize an update to its Health Insurance Portability and Accountability Act security rule. The change is designed to address increased cyberattacks on the US healthcare system by requiring healthcare providers and their business associates to strengthen cybersecurity protections for patients’ protected health information.
The update would be the HHS’ first major changes to the HIPAA security rule since 2013, when ...