What’s in HHS’ Proposed HIPAA Security Rule Overhaul?

Experts: New Mandates Could Be Difficult, Costly for Many Entities
A proposed overhaul of federal cybersecurity regulations for the healthcare industry could mean difficult and expensive heavy lifting for many organizations, said experts.
“The costs to fulfill these provisions will be enormous,” said Errol Weiss, chief security officer of the Health Information Sharing and Analysis Center. “Where is the money coming from to pay for all this? It can’t be from future savings from avoided breach penalties. Financially strained healthcare providers, especially small rural hospitals, don’t have the resources to support these new proposals,” he said.
Any regulatory requirements like this will need to come with funding assistance so that healthcare providers can acquire the proper technology and, more importantly, recruit and retain experienced cybersecurity professionals to adequately protect their networks, Weiss said.
Read the full article in Bank InfoSecurity. Click Here
- Related Resources & News
- Health-ISAC whitepaper highlights cybersecurity responsibilities in medical device lifecycle, focuses on resilience
- Health-ISAC Hacking Healthcare 2-3-2025
- Exploring the Cybersecurity Roles of Manufacturers and Healthcare Organizations During the Medical Device Lifecycle
- Impacts of Proposed US Import Tariffs on the Global Health Sector
- NY Blood Center Attack Disrupts Suppliers in Several States
- 2025 Newsletter – February
- DeepSeek’s Security Risk Is A Critical Reminder For CIOs
- $6.4m to combat health sector cyber threat
- Threat Bulletin: SimpleHelp RMM Software Leveraged in Exploitation Attempt to Breach Networks
- EU Commission Calls for Health Sector ‘Cyber Action Plan’