HHS Proposes Stricter Cybersecurity Rules to Combat Healthcare Breaches

March 21, 2025Source: Healthcare IT News

Found this useful? Share it with your network

The Department of Health and Human Services (HHS) has proposed new cybersecurity regulations to address rising breaches in the healthcare industry, following the establishment of HHS Cyber Performance Goals in 2023. The notice of proposed rulemaking (NPRM), issued in December 2024, aims to strengthen requirements that were deemed inadequate under the Health Insurance Portability and Accountability Act (HIPAA). Key changes include mandatory encryption, multifactor authentication, and formalized incident response protocols to protect electronic protected health information (ePHI). Healthcare organizations are advised to prepare by conducting gap analyses and engaging leadership to ensure compliance with the forthcoming regulations.

Read Full Article

Opens on Healthcare IT News

More News

AMA Asking For Stronger Safeguards on AI Mental Health Chatbots

April 29, 2026MobiHealthNews

Andrea Daugherty Appointed Chief Information and Digital Transformation Officer at ARMC

April 24, 2026arrowheadregional.org

Craig Richardville Appointed Chief Digital and Information Officer at UF Health

April 13, 2026ufhealth.org

Former AMA Exec Margaret Lozovatsky Named CDIO At Premier Health

April 10, 2026premierhealth.com

Signature Healthcare Diverts Ambulances Following Cybersecurity Incident

April 8, 2026SecurityWeek

More Than 100 Hospitals Suing HHS Over Alleged Underpayment

April 6, 2026MedCity News