Getting incentives for the best security practices is a win-win for all healthcare-related entities. First, you receive the incentives, and second, you make sure that you have a rock-solid security defense.

However, many organizations find the rules and regulations that HIPAA entails too extensive and overwhelming. What’s more, cybersecurity wasn’t a thing when HIPAA was introduced. Therefore, the law does not have any specific guidelines for cybersecurity.

The HIPAA law subsequently went through some changes to minimize the burden on healthcare organizations. The changes in part accounted for advancement in technologies to ensure that healthcare organizations can perform their duties without any hindrance. Despite those efforts, some covered entities and business associates still find the law to be a burden.

But things are changing. In light of recent news especially, healthcare organizations will be encouraged to implement best security practices and satisfy HIPAA compliance requirements. 

Cybersecurity Scenario in Healthcare

Cybersecurity issues are posing myriad problems for businesses. In particular, the healthcare industry has suffered a lot in recent months as cyberattacks have become more sophisticated and frequent. A whopping 79% of all reported data breaches involved healthcare organizations between January 2020 and November 2020, for instance. Moreover, healthcare entities witnessed a 45% increase in cyberattacks between November 2020 and January 2021.

In the midst of all this, H.R. 7898 (the HIPAA Safe Harbor bill) was formally signed into law on January 5. The bill amends the HITECH Act and requires the Department of Health and Human Services (HHS) to incentivize organizations that implement best cybersecurity practices to meet their HIPAA obligations.

It’s a sigh of relief for organizations that stood very little chance against highly sophisticated cybersecurity attacks. 

What is the HIPAA Safe Harbor Bill?

Even those