Changes to HIPAA Security Rule – The Latest Updates
Speaker: Amy Daley, Kentucky REC
The Department of Health and Human Services (HHS) released a Notice of Proposed Rulemaking to Strengthen Cybersecurity for Electronic Protected Health Information (NPRM) on Jan 6, 2025.
These proposed changes bring about new requirements such as vulnerability scanning, penetration testing, patch management, network segmentation, data backup testing, multi-factor authentication, security incident planning and testing, HIPAA compliance audits, business associate delegation and guidelines for ongoing maintenance.
Amy will provide an overview of the proposed changes, expected timelines for regulated entities to meet compliance, and any updates provided by HHS since publishing the proposed rule.
About Amy Daley
Amy Daley, CHPS, has been a Health IT Advisor for Kentucky Regional Extension Center since 2014 and is the HIPAA Team Lead. She specializes in HIPAA Security guidance for healthcare organizations across the state of Kentucky. Amy obtained her B.S. in Computer Information Systems from the University of Louisville. Amy has been a guest speaker at various conferences in Kentucky presenting on topics related to HIPAA Security and Promoting Interoperability. Her background includes expertise in the areas of implementation, training and management of EHR systems.
Questions? Contact us at Kentucky REC or call us at 859-323-3090.
