The National Institute of Standards and Technology this week released updated guidance to help HIPAA-covered entities and business associates assess and manage cybersecurity risks to electronic protected health information and comply with the HIPAA security rule. The Department of Health and Human Services’ Office for Civil Rights collaborated with NIST on the guidance, last updated in 2008, which identifies activities that a regulated entity might consider implementing as part of an information security program and resources to help in complying with the HIPAA security rule. 

Related News Articles

Headline
Two Administration officials April 14 discussed how the federal government is working with hospitals and other parts of the health care sector to defend…
Headline
Sen. Ron Wyden, D-Ore., expressed to AHA members frustration with the Change Healthcare cyberattack, which he believes jeopardized patients and their personal…
Headline
The Change Healthcare cyberattack was a significant event that caught many off guard, said the Centers for Medicare & Medicaid Services Administrator…
Headline
“Even before the recent Change Healthcare cyberattack that has left some hospitals fronting millions of dollars in extra costs, a perfect storm of complex…
Headline
The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) April 5 released an advisory on the top 10 ransomware groups…
Headline
The AHA has been made aware of a validated IT help desk social engineering scheme that uses the stolen identity of revenue cycle employees or employees in…