Public Webinar Available Now: HIPAA Security Rule Gets a Makeover – Let’s Break it Down
The Department of Health and Human Services (HHS) released a Notice of Proposed Rulemaking to Strengthen Cybersecurity for Electronic Protected Health Information (NPRM) on Jan 6, 2025. This will be the first major update to the HIPAA Security Rule since the HIPAA Omnibus Rule in 2013.
These proposed changes bring about new requirements, including:
- Vulnerability scanning
- Penetration testing
- Patch management
- Network segmentation
- Data backup testing
- Multi-factor authentication
- Security incident planning and testing
- HIPAA compliance audits
- Business associate delegation
- Guidelines for ongoing maintenance
This webinar provides an overview of the proposed changes and expected timelines for regulated entities to meet compliance with the new rule. The proposed rule seeks to strengthen cybersecurity by updating the Security Rule’s standards to better address ever-increasing cybersecurity threats to the health care sector. While the Department is undertaking this rulemaking, the current Security Rule remains in effect.
For more information about the proposed rule for HIPAA Security, please follow the links below:
Fact Sheet: “HIPAA Security Rule Notice of Proposed Rulemaking to Strengthen Cybersecurity for Electronic Protected Health Information”
Notice of Proposed Rulemaking (NPRM) – “HIPAA Security Rule To Strengthen the Cybersecurity of Electronic Protected Health Information”
Contact the experts at Kentucky REC with all your HIPAA Privacy and Security questions. We’re here to help: 859-323-3090.
