HSCC Advocates Consultations Over Costly HIPAA Security Rule Proposal
TechTarget
|
Contributed by: Drex DeFord
Summary
The Health Sector Coordinating Council (HSCC) has proposed a consultative process with cybersecurity leaders instead of moving forward with the January 2025 NPRM for the HIPAA Security Rule, citing concerns that the NPRM may not effectively address the systemic cybersecurity challenges faced by the healthcare sector. The HSCC's Cybersecurity Working Group has pointed out potential budgetary and implementation issues, advocating for a year-long consultation to develop tailored cybersecurity policies. Additionally, HSCC highlighted previous collaborative efforts with the Department of Health and Human Services (HHS) to assess hospital cybersecurity and set performance goals, arguing that the NPRM overlooks these advancements. Financially, HHS estimates that implementing the NPRM would require approximately $9 billion in the first year and $6 billion annually for the next four years.
