New HIPAA Rules Require 72-Hour Data Restoration, Audits
/ 1 min read
🛡️💉 HHS proposes new cybersecurity rules to protect healthcare data. The U.S. Department of Health and Human Services’ Office for Civil Rights has introduced new cybersecurity requirements aimed at enhancing the protection of electronic protected health information (ePHI) under HIPAA. The proposed modifications include mandates for regular technology asset reviews, vulnerability assessments, and the restoration of data within 72 hours of a breach. Additionally, healthcare organizations will be required to conduct annual compliance audits, implement encryption, and utilize multi-factor authentication. This initiative comes in response to a significant rise in ransomware attacks targeting the healthcare sector, with 67% of organizations affected in 2024, highlighting the urgent need for improved cybersecurity measures.
