AHA urges OCR to expedite regulatory relief for certain cybersecurity practices

Nov 16, 2021 - 08:43 AM
Cybersecurity Lock on Gold Wall

The AHA today urged the Department of Health and Human Services’ Office for Civil Rights to quickly initiate rulemaking for a legislative provision (H.R. 7898) enacted by Congress this year to recognize certain recommended security practices when making determinations related to Health Insurance Portability and Accountability Act audits, fines and resolution agreements.

“The law appropriately recognizes that covered entities and business associates, like all entities including the Federal Government, can never fully eliminate the risk of cyberattacks,” AHA wrote. “When the inevitable attack occurs, entities should not be penalized, but rather treated as the victims of a crime. The law translates this concept by allowing certain measures of regulatory relief if the HIPAA-covered entity or business-associate victim had in place federally recognized security practices, such as those defined under the National Institute of Standards and Technology (NIST) Cybersecurity Framework and developed under Section 405(d) of the Cybersecurity Act of 2015.”
 

Related News Articles

Headline
FBI warns of attacks by North Korean cyber threat group using malicious QR codes
The FBI Jan. 8 released an alert on evolving threat tactics by Kimsuky, a North Korean state-sponsored cyber threat group. As of last year, the group…
Perspective
A New Year of Working Together to Advance Health in America
Public
Congress returned to Washington this week with a full plate of issues to contend with in the short-term as it defines its legislative agenda for the remainder…
Headline
House E&C health subcommittee discusses AHA-supported Medicare bill during hearing
The House Energy and Commerce Subcommittee on Health held a hearing Jan. 8 to discuss legislation on Medicare payment policies for seniors, including the AHA-…
Chairperson's File
Chair File: Leadership Dialogue — Reflecting on 2025, Looking Ahead to 2026 with Marc Boom, M.D., of Houston Methodist
Public
One of the most rewarding parts of being an AHA member and serving on the board is building relationships with other leaders who share a passion for making…
Headline
CISA issues update on voluntary cybersecurity performance goals 
The Cybersecurity and Infrastructure Security Agency Dec. 11 released an update to its voluntary Cybersecurity Performance Goals, which includes measurable…
Headline
AHA supports reintroduction of nursing bill addressing workforce shortage, education
The AHA Dec. 11 expressed support for the reintroduction of the Future Advancement of Academic Nursing, bicameral legislation that would increase nursing…