Rethinking Healthcare Cybersecurity Amid a Proposed Federal Update

A proposal to update the HIPAA Security Rule marked the end of 2024. Even with its uncertain future, health systems should consider re-evaluating their cybersecurity strategies.Near the end of 2024, the U.S. Department of Health and Human Services announced its intention to update the HIPAA Security Rule to improve cybersecurity protections around electronic protected health information.The comment period closed March 7, but there’s still uncertainty about whether anything will move forward under the new administration. This has healthcare organizations re-evaluating their cybersecurity strategies, especially amid ongoing threats and vulnerabilities that continue to challenge them daily.There could also be more changes on the state level. New York, for instance, enacted new healthcare cybersecurity requirements in October 2024.

Medigy Insights

Healthcare organizations also have targets for cyber insurance coverage that they need to hit, especially concerning identity and access management. That’s a major area for improvement in healthcare. After all, a lack of multifactor authentication was behind last year’s cyberattack on Change Healthcare.But if MFA isn’t configured properly, it’s just another gap that can cause more pain. Don’t deploy MFA to simply check a box for cyber insurance or other compliance requirements. Understand what your organization needs and tailor your approach that way.

Continue reading at healthtechmagazine.net

Make faster decisions with community advice

Deploy this technology today

Inside the Rise of Immersive Telehealth: Trends, Evidence, and What’s Next

Researchers and clinicians are looking for ways to make telehealth more like or better than in-person care. Recent advances in extended reality are now enabling new forms of immersive …

Posted Apr 5, 2025