America seeks to strengthen cyber security in the field of health

The United States is proposing new rules to increase the security of health data. These proposed rules by the US Department of Health and Human Services include things like encryption, multi-factor authentication and other measures to protect patient data.

According to Tekna Technology News Media Health Service, the Office of Civil Rights (OCR) of the US Department of Health and Human Services has proposed new cybersecurity requirements for healthcare organizations in order to protect patients’ private data from cyber attacks. The proposed rules come in the wake of widespread cyberattacks, such as the one against UnitedHealth earlier this year that exposed the private information of more than 100 million patients. These attacks indicate a serious vulnerability in health data protection systems and the need to take more serious measures to deal with these threats.

The Civil Rights Office’s proposal includes requiring health care organizations to use multi-factor authentication in most cases, segmenting their networks to reduce the risk of intrusions spreading from one system to another, and encrypting patient data in such a way that, even if stolen, it is possible to access They don’t exist. These measures significantly increase the security level of sensitive patient data and prevent possible abuses. Also, the proposal would require regulated entities to perform certain risk analysis and compliance documentation actions. These measures help organizations to continuously assess and improve their security posture.

The law is part of the cyber security strategy that the Biden administration announced last year. Once finalized, the law would update the “security law” of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which regulates doctors, nursing homes, health insurance companies and others, and was last updated in 2013. will do This update seemed necessary due to the advancement of technology and the increase in cyber threats.

US Deputy National Security Adviser Anne Neuberger estimated the cost of implementing these requirements at “about $9 billion in the first year and $6 billion in years two through five.” This figure represents a significant government investment to improve health data security. The proposal is scheduled to be published in the Federal Register on January 6, which will begin a 60-day public comment period before a final rule is made. This opportunity is given to the general public and experts in this field to provide their opinions and suggestions about this law. This will help to improve and complete the final law. To see other news, refer to Tekna Media Technology medical news page.