Sunday, 16 February 2025
29.9 C
Singapore
38.7 C
Thailand
26.3 C
Indonesia
27.6 C
Philippines

The US proposes stricter cybersecurity rules to protect healthcare data

The US proposes healthcare cybersecurity rules, including encryption and MFA, to protect patient data. The first year's cost is estimated at US$9B.

The US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has proposed improving cybersecurity measures within healthcare organisations. This initiative is designed to safeguard patientsโ€™ sensitive information from the rising threat of cyberattacks. According to Reuters, the proposal follows significant breaches, including one earlier this year that exposed the private data of over 100 million UnitedHealth patients.

Protecting patient data from cyberattacks

The new rules call for several key measures to prevent breaches and mitigate the damage caused by cyberattacks. Under the proposal, healthcare providers and related organisations would be required to:

  • Implement multifactor authentication (MFA) to secure access to systems.
  • Segment their networks to prevent the spread of intrusions across systems.
  • Encrypt patient data to ensure that even stolen information remains inaccessible.

In addition, the rules mandate specific risk analysis practices, maintaining compliance documentation, and adhering to other cybersecurity protocols.

These measures form part of a larger cybersecurity strategy unveiled by the Biden administration last year. The regulations would amend the Security Rule under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) if approved. This rule, which governs entities such as doctors, nursing homes, and insurance companies, was last updated in 2013.

Significant costs but long-term benefits

While the proposed changes aim to enhance security, they come with a hefty price tag. According to Anne Neuberger, the US deputy national security advisor, the first year of implementation is estimated to cost US$9 billion, followed by US$6 billion annually for the next four years. These costs cover system upgrades, staff training, and adopting new technologies.

Healthcare providers must weigh these expenses against the potential benefits of reduced data breaches and increased patient trust. The updated framework is designed to minimise risks in an industry increasingly targeted by cybercriminals.

Public input and timeline for implementation

The OCR plans to publish the proposal in the Federal Register on January 6. This will initiate a 60-day public comment period, allowing stakeholders and members of the public to provide feedback. After the comment period ends, the final rule will be set, potentially leading to a significant shift in how healthcare organisations handle cybersecurity.

As cyberattacks become more sophisticated, the US governmentโ€™s focus on strengthening protections for patient data highlights the growing need for vigilance and innovation in cybersecurity. The proposed measures, if adopted, could set a new standard for safeguarding sensitive information in the healthcare sector.

Hot this week

WhatsApp is working on a feature to let you add social media profile links

WhatsApp is testing a feature that lets you add social media profile links to your account, improving integration with Instagram and other platforms.

Apple partners with Alibaba for AI integration in China

Apple partners with Alibaba to bring AI features to iPhones in China, aiming to boost sales and compete with Huawei and Xiaomi.

Airbnb CEO says AI trip planning is still not ready

According to CEO Brian Chesky, Airbnb will introduce AI-powered customer support this summer but says AI trip planning is not yet ready.

Civilization VII is launching in VR for Meta Quest this spring

Civilization VII - VR arrives on Meta Quest this spring, offering a board game-style experience with immersive multiplayer and adjustable pacing.

Ulanzi VL49 Rechargeable Mini LED Light review: A pocket-sized lighting powerhouse

A detailed review of the Ulanzi VL49 Mini LED Video Light, exploring its design, performance, mounting options, and ideal use cases for content creators.