The first major update to HIPAA in more than a decade will eliminate the distinction between “required” and “addressable” safeguards, making key cybersecurity and physical security measures mandatory for all healthcare providers. This shift will expose gaps in hospitals’ fragmented security systems, though, according to Kumar Sokka, CEO of cybersecurity platform Acre Security.
As legal and compliance professionals, we champion privacy and cybersecurity in our organizations — but success requires a team effort.
Enterprise EHR boosts scalability, interoperability, and governance for large healthcare systems.
Healthcare AI in the U.S. has progressed to a point where traditional, HIPAA-style compliance alone is no longer adequate. The next phase of regulation and market expectation will require continuous, medical-grade AI governance, and companies that don’t adapt now will be left behind.
If leading hospitals are using these AI tools, and the companies mention HIPAA compliance on their websites, are the consumer AI health tools also regulated by HIPAA? Do consumers share a similar relationship with these companies as healthcare organizations do?
Discover where you can find HIPAA-compliant software for med spas.
How can healthcare providers contend with a regulatory environment that has never been more fragmented? Here are three lessons on why privacy is your competitive advantage.
Small practices play a critical role in healthcare delivery, but they cannot continue to absorb ever-increasing administrative demands without consequences.
As manufacturers play an active role in the patients’ healthcare journey, the boundaries between manufacturers and healthcare providers/payers are becoming increasingly blurry.
As healthcare continues to become more and more dependent on third-party vendor services, provider and technology entities must remain focused on the risks that their vendors present.
Across the U.S., nearly 700 rural hospitals are at risk of closure. When they shut down, the impacts cascade: broken continuity, delayed care, and increased cyber risk in every new system a patient must navigate.
From mobile documentation to emergency handoffs, EMS providers handle sensitive patient information in fast-moving environments. Understanding how HIPAA applies — and how to comply — can improve care, reduce risk, and build systemwide trust.
By reducing administrative burden and redesigning workflows around human needs, it creates space for what matters most: connection between clinicians and patients.
The bottom line is that while recognizing there is an issue is vital, too many healthcare organizations are counting on solutions that cannot and will not provide a sufficient line of defense.
If the guidelines for data sharing are not adhered to by providers, then all the work that has gone into revising this regulation will have been for nothing. But the road to compliance doesn’t have to be overwhelming. Here are three essential steps for healthcare leaders in navigating the soon-to-be Part 2 landscape.
HHS is proposing major changes to HIPAA for the first time in more than a decade, aiming to strengthen cybersecurity protocols for electronic health data. Healthcare cybersecurity leaders are mainly in favor of the proposal — though there are some concerns that smaller providers will struggle with the financial and operational burdens of compliance.
Implementing a thorough federal privacy law and broadening HIPAA protections to include new mHealth technologies are crucial steps in enhancing personal data security. Equally important, companies and developers should adhere to strict ethical standards and robust security protocols during app development to protect users' sensitive information.
Two chief information security officers offer some advice at a cybersecurity panel at HLTH.