What’s in HHS’ Proposed HIPAA Security Rule Overhaul?

Experts: New Mandates Could Be Difficult, Costly for Many Entities

A proposed overhaul of federal cybersecurity regulations for the healthcare industry could mean difficult and expensive heavy lifting for many organizations, said experts.

“The costs to fulfill these provisions will be enormous,” said Errol Weiss, chief security officer of the Health Information Sharing and Analysis Center. “Where is the money coming from to pay for all this? It can’t be from future savings from avoided breach penalties. Financially strained healthcare providers, especially small rural hospitals, don’t have the resources to support these new proposals,” he said.

Any regulatory requirements like this will need to come with funding assistance so that healthcare providers can acquire the proper technology and, more importantly, recruit and retain experienced cybersecurity professionals to adequately protect their networks, Weiss said.

Read the full article in Bank InfoSecurity. Click Here

• Related Resources & News
• Potential Terror Threat Targeted at Health Sector – AHA & Health-ISAC Joint Threat Bulletin
• New Cybersecurity Policies Could Protect Patient Health Data
• CyberWire Podcast: PHP flaw sparks global attack wave
• Health-ISAC Hacking Healthcare 3-14-2025
• HSCC Aiming to Identify Healthcare Workflow Chokepoints
• New Healthcare Security Benchmark Highlights Key Investment Priorities and Risks
• Are Efforts to Help Secure Rural Hospitals Doing Any Good?
• CISA cuts $10 million annually from ISAC funding for states amid wider cyber cuts
• 2024 Health-ISAC Discussion Based Exercise Series After-Action Report
• Cobalt Strike takedown effort cuts cracked versions by 80%