Inadequate HIPAA Security Risk Analyses Causing "Major Issues" in Healthcare

August 21, 2025Source: BankInfoSecurity

Found this useful? Share it with your network

Federal regulators have repeatedly identified inadequate HIPAA security risk analyses as a major issue among healthcare organizations, often resulting in data breaches and financial penalties. The HHS Office for Civil Rights has conducted audits that reveal many entities fail to conduct thorough analyses, instead relying on outdated information or superficial reviews, leaving them exposed to vulnerabilities. Recent penalties, like a $175,000 settlement against a New York accounting firm for not identifying risks related to a ransomware breach, underscore the need for better compliance. This ongoing negligence highlights the critical importance of comprehensive risk assessments to safeguard protected health information and avoid regulatory repercussions in healthcare.

Read Full Article

Opens on BankInfoSecurity

More News

AMA Asking For Stronger Safeguards on AI Mental Health Chatbots

April 29, 2026MobiHealthNews

Andrea Daugherty Appointed Chief Information and Digital Transformation Officer at ARMC

April 24, 2026arrowheadregional.org

Craig Richardville Appointed Chief Digital and Information Officer at UF Health

April 13, 2026ufhealth.org

Former AMA Exec Margaret Lozovatsky Named CDIO At Premier Health

April 10, 2026premierhealth.com

Signature Healthcare Diverts Ambulances Following Cybersecurity Incident

April 8, 2026SecurityWeek

More Than 100 Hospitals Suing HHS Over Alleged Underpayment

April 6, 2026MedCity News