Yesterday, the OMB’s Office of Information and Regulatory Affairs (OIRA) announced that it had received a notice of proposed rulemaking from the Food and Drug Administration (FDA) on “Proposed Modifications to the HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Protected Health Information”.
According to the Spring 2024 Unified Agenda Entry for this rulemaking:
“This rule will propose modifications to the Security Standards for the Protection of Electronic Protected Health Information (the Security Rule) under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act). These modifications will improve cybersecurity in the health care sector by strengthening requirements for HIPAA regulated entities to safeguard electronic protected health information to prevent, detect, contain, mitigate, and recover from cybersecurity threats.”
I will probably not cover this rulemaking in any detail on
this blog, unless it specifically addresses cybersecurity issues of medical
devices that may contain, process, or transmit protected health information
(PHI). Otherwise, there will just be a notification published in the
appropriate ‘Short Takes’ post when this rulemaking is published in the Federal
Register.
No comments:
Post a Comment