US Department Of Health Proposes New Rules To Improve Data Security

Illustration - Cyber Attack (Photo: Avant)

JAKARTA - The US Department of Health and Humanitarian Services (HHS) submitted a number of new regulatory proposals, which are intended to protect all health services from cyber threats.

In a proposal uploaded, HHS said, the proposed amendment to the regulation aims to protect electronic health information (ePHI) based on the Health Insurance Portability and Accountability Act (HIPAA) Security Rule.

This proposal was made as a mitigation measure for the emergence of cyber threat spikes such as ransomware and hacking, amid the growing development of technology in the world of health.

"Almost all aspects of modern health services rely on digital technology, and it is important for us to protect patient data from the growing cyber threat," said a representative of the OCR in the proposal.

Through this proposal, HHS requires all health industries to do several things such as mandatory data encryption, implement multi-factor authentication (MFA), improve risk analysis, set new standards for cutting-edge technology, and security training for all employees.

Thus, HHS hopes that this new rule can provide more detailed clarity and guidance to health service providers and their business partners in maintaining patient data security.

In addition, HHS also hopes that this step can reduce the number of data violations and provide efficiency for the health system in the future.

HHS opened a period of public comment for 60 days after the proposal was published in the Federal Register. All parties, including stakeholders of the health sector and the general public, are encouraged to provide input.

"By updating this rule, we hope to provide stronger protection for patients and increase trust in the digital health system," he concluded.