The White House has announced that the Health Insurance Portability and Accountability Act (HIPAA) will soon include new cybersecurity regulations aimed at protecting healthcare data more effectively. Anne Neuberger, Deputy National Security Adviser for Cyber and Emerging Technology, shared details of the proposed updates during a press briefing.
First HIPAA Security Rule Update in Over a Decade
The HIPAA security rule, initially published in 2003 and last revised in 2013, will undergo its first major update in over ten years. The proposed changes will require healthcare entities to implement robust cybersecurity measures such as data encryption to prevent the exposure of sensitive information during cyberattacks.
“This will require entities who maintain healthcare data to encrypt that data so if attacked, it cannot be leaked on the web and endanger individuals,” Neuberger explained.
Public Input and Implementation Costs
The Department of Health and Human Services (HHS) is set to publish a draft of the updated rules in the Federal Register for public comment. Once implemented, healthcare entities will also need to monitor their networks for threats and conduct compliance checks to ensure adherence to the new regulations.
The estimated cost for the healthcare industry to comply with the new HIPAA rules is projected to be approximately $9 billion in the first year and $6 billion annually for the subsequent four years. However, Neuberger emphasized that failing to act could have far more devastating consequences, including risks to critical infrastructure, patient safety, and financial stability.
Addressing Rising Healthcare Breaches
The decision to update HIPAA stems from a concerning increase in healthcare data breaches over the past five years, culminating in two significant incidents in 2024: ransomware attacks on Change Healthcare and the Ascension hospital network. These breaches not only disrupted healthcare services but also exposed sensitive data.
Change Healthcare’s parent company, UnitedHealth Group, disclosed that a February breach cost the organization over $850 million. Meanwhile, breaches across the healthcare sector have risen sharply, with large hacking incidents increasing 89% and ransomware attacks surging 102% since 2019.
“The average cost of a healthcare breach in 2023 was $10.1 million,” Neuberger stated. “Hacking of hospitals and sensitive healthcare data remains one of the most troubling issues we face.”
Impact on Patient Safety and National Security
The repercussions of these breaches extend beyond financial losses. Hospitals have been forced to operate manually during ransomware attacks, compromising patient care. Leaks of sensitive medical and mental health data on the dark web have created opportunities for blackmail and other forms of exploitation.
One year ago, HHS began implementing cybersecurity standards for institutions involved in Medicare and Medicaid programs, tying federal payments to compliance. At that time, discussions about incorporating cybersecurity into HIPAA began, including proposals to increase civil monetary penalties for violations like data breaches.
Congressional Support for Reform
The White House’s efforts have gained bipartisan support in Congress. Lawmakers have expressed frustration with the ongoing disruptions caused by ransomware attacks, including hospital shutdowns and the widespread impact of the Change Healthcare breach, which exposed information on more than 100 million individuals.
In February, HHS released a comprehensive 122-page guide outlining cybersecurity risk assessment and management requirements for HIPAA-covered entities, signaling a shift toward stricter standards.
The Road Ahead
The updated regulations are expected to bring much-needed clarity and specificity to HIPAA’s cybersecurity framework. These changes aim to address the growing threats facing the healthcare industry while safeguarding critical patient data and infrastructure. With public input and strong congressional backing, the proposed updates could mark a significant step forward in fortifying the nation’s healthcare cybersecurity defenses.
Support truth, health, and preparedness by shopping the Alex Jones Store through our link. Every purchase helps sustain independent voices and earns us a 10% share to fuel our mission. Shop now and make a difference!
https://thealexjonesstore.com?sca_ref=7730615.EU54Mw6oyLATer7a
Sponsored • TRJ Ads
Inquiries: contact@therealistjuggernaut.com
