The US Department of Health and Human Services (HHS) has published a proposed rule to overhaul the HIPAA Security Rule, aiming to better protect health data from cybersecurity threats. Changes would enforce stricter standards for healthcare entities in establishing and maintaining defenses, including requiring robust cybersecurity requirements. The suggested revisions would also align the Security Rule with industry best practices such as the NIST Cybersecurity Framework and the EU’s GDPR. Public comments can be submitted until 7 March.
Dispersed responsibility, lack of asset inventory is causing gaps in medical device cybersecurity
Witnesses at a House hearing on medical device cybersecurity highlighted the need for better tracking of devices and their vulnerability to cyber threats. They noted
