The U.S. Health and Human Services (HHS) wants to update HIPAA’s security rule for the first time in over 10 years in response to the growing cyberattacks in the healthcare industry. The proposed changes will aim to clarify instructions on securing electronic health data and require written security policies from organizations. The plan also includes a yearly update of technology asset inventories, regular risk analyses, and mandated multi-factor authentication.

HSCC Urges White House to Shift Gears on Health Cyber Regs
The Health Sector Coordinating Council (HSCC) has asked the Trump administration to stop work on a proposed update to the HIPAA security rule and instead