Plaza 365
Plaza 365

No results found for your search

RegisterLog in

1

Long-Awaited HIPAA Security Rule Revamp Formally Proposed with Significant Changes

Visit article

#changes

#security

Dynamics 365 ERP - Development

Category

Feb 22, 2025

Published date

Text

Article Type

AI Summary

  • The U.S. Department of Health and Human Services published a Notice of Proposed Rule Making related to the HIPAA Security Rule, with significant changes impacting covered entities and business associates.
  • All security specifications will be required with no distinction between required or addressable.
  • There are 22 definition changes that expand what regulated entities need to consider, such as the term "technology assets."
  • Formal documentation of Security Rule policies and procedures will be required, with reviews and updates at least every 12 months.
  • Regulated entities will be required to test security safeguards at varying frequencies, including penetration testing and incident response plan testing.
  • Technology asset inventory and network maps must be documented and reviewed annually.
  • Technical controls like multi-factor authentication and encryption will become requirements.
  • New notification requirements and specific compliance details are provided to assist regulated entities in meeting requirements.

Registered users can view the full text for FREE!

Sign In Now!