Governance, Risk and Compliance, Critical Infrastructure Security, Government Regulations

Neuberger: Additional cybersecurity rules in HIPAA mulled

Anne Neuberger

More stringent cybersecurity rules were noted by Deputy National Security Adviser for Cyber and Emerging Technologies Anne Neuberger to be considered under a new version of the Health Insurance Portability and Accountability Act, which has been deemed crucial following the significant ransomware intrusions against Change Healthcare and Ascension Health this year, reports The Record, a news site by cybersecurity firm Recorded Future.

Under a draft of the updated HIPAA poised to be released by the Department of Health and Human Services, healthcare organizations across the U.S. would be mandated to encrypt stored data, as well as conduct network monitoring and HIPAA compliance checks, according to Neuberger.

"The cost of not acting is not only high, it also endangers critical infrastructure and patient safety, and it carries other harmful consequences," said Neuberger, while justifying the need for nearly $9 billion to adopt the new rules in the first year and another $6 billion yearly between the second and fifth years of implementation.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds