cognitive cybersecurity intelligence

News and Analysis


Get set: New HIPAA has teeth

The HIPAA Privacy and Security final rule, also known as the HIPAA Omnibus Rule, became effective on March 26. The new rule changes the breach notification process, shifting the burden of proof to providers who must now prove their innocence when patient data is breached. Providers and their vendors have 180 days to comply or risk enforcement actions and penalties. The addition of business associates under the rule could catch companies off guard and unprepared. The Office for Civil Rights has already prosecuted five covered entities, indicating increased enforcement going forward. Providers should conduct risk assessments and ensure their vendors are protecting personal health records according to the new rule.

Source: –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

A National Imperative – Cyber Resiliency

Cybersecurity expert Andrea E. Davis emphasizes the increasing vulnerability of critical infrastructure to cyber threats, highlighting instances such as the 2003 US and Canada power