Recently, the Director of the HHS’ Office for Civil Rights, Lisa J. Pino, issued a statement encouraging HIPAA covered entities and business associates to strengthen their cybersecurity posture this year in light of the increasing rates of cyberattacks across the healthcare industry.
The last year was particularly damaging for healthcare organizations due to hackers taking advantage of the COVID-19 pandemic. In fact, the record levels of breaches had a devastating impact on patient care, resulting in cancelled surgeries, radiology exams, and other critical services. With over 45 million records breached in 2021, the numbers underscore the importance of vigilance in the approach to cybersecurity.
OCR’s investigations uncovered many cases of noncompliance with the risk analysis and risk management requirements, and they suggested HIPAA-regulated entities take steps to improve compliance with the standards of the HIPAA Security Rule, specifically in the areas below:
Pino encouraged healthcare entities and business associates to take prompt action when new risks to the confidentiality and integrity of protected health information are identified. Some best practices and recommendations include:
Additional guidance and resources provided by OCR are below:
HHS Security Risk Assessment Tool: https://www.healthit.gov/topic/privacy-security-and-hipaa/security-risk-assessment-tool
Want to know more about HIPAA compliance? Ask the experts at MedSafe.
If you have questions about HIPAA compliance, contact the experts at MedSafe. MedSafe is the nation's leading one-stop resource for outsourced accreditation and healthcare compliance solutions. For over 20 years, we have been providing peace of mind to hospital groups, private practices, and their business associates. Our suite of onsite and online compliance services, including OSHA, HIPAA, Corporate Compliance and Code Auditing will equip your practice with the necessary tools and skills to achieve and maintain regulatory & billing compliance. MedSafe takes a hands-on approach and works directly with your team to uncover issues and define suitable solutions.
Phone: (888) MED-SAFE