AHA urges OCR to expedite regulatory relief for certain cybersecurity practices

Nov 16, 2021 - 08:43 AM
Cybersecurity Lock on Gold Wall

The AHA today urged the Department of Health and Human Services’ Office for Civil Rights to quickly initiate rulemaking for a legislative provision (H.R. 7898) enacted by Congress this year to recognize certain recommended security practices when making determinations related to Health Insurance Portability and Accountability Act audits, fines and resolution agreements.

“The law appropriately recognizes that covered entities and business associates, like all entities including the Federal Government, can never fully eliminate the risk of cyberattacks,” AHA wrote. “When the inevitable attack occurs, entities should not be penalized, but rather treated as the victims of a crime. The law translates this concept by allowing certain measures of regulatory relief if the HIPAA-covered entity or business-associate victim had in place federally recognized security practices, such as those defined under the National Institute of Standards and Technology (NIST) Cybersecurity Framework and developed under Section 405(d) of the Cybersecurity Act of 2015.”
 

Related News Articles

Headline
House passes appropriations package to end partial government shutdown 
The House Feb. 3 voted 217-214 to pass the government funding plan approved by the Senate Jan. 30, ending the four-day partial shutdown. Twenty-one Republicans…
Headline
Senate expected to pass funding deal as partial government shutdown approaches
Update: The Senate passed the measure by a vote of 71-29.The Senate Jan. 30 is expected to pass a government funding plan ahead of a midnight deadline. A…
Headline
Senate begins to consider appropriations bill as partial shutdown looms
The Senate has begun consideration of the appropriations package passed by the House Jan. 22, which contains conferenced legislation for the Departments of…
Headline
FBI launches campaign to protect hospitals, other critical infrastructure against cyberattacks
The FBI has launched a two-month campaign, Operation Winter SHIELD (Securing Homeland Infrastructure by Enhancing Layered Defense), highlighting 10 actions…
Headline
AHA releases 2026 Advocacy Agenda
The AHA Jan. 28 released its 2026 Advocacy Agenda, containing the association’s key priorities for Congress, the administration, regulatory agencies and courts…
Headline
Guides offer strategies on preparing for public health emergencies, cybersecurity incidents 
Two AHA guides offer strategies for hospitals and health systems in preparing for public health emergencies and disasters and managing cybersecurity incidents…