The National Institute of Standards and Technology (NIST) recently updated its cybersecurity guidance for health care providers to better protect patient information. The updates appear in Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide. The guide aims to be more comprehensive while making it easier for health care providers to improve their cybersecurity. It is part of the larger set of HIPAA requirements that focus on digital information and its protection.
The change has not been released yet, as it is currently in draft form. You can read the full document and send your comments to NIST by September 21, 2022 in the US. The revision is necessary because the guidance was last revised in 2008. Technology has changed significantly over the nearly 15 years since then, and the global pandemic that has occurred since the last revision has created a growing need for more remote patient care. The new guidance focuses on several new security concerns and on measures to mitigate newer vulnerabilities. It also addresses concerns that were submitted in response to the request for comments before the new draft was written. The guidance is meant to point health care providers in the right direction to protect their data; it is not a checklist of things they need to do.
Given how important cybersecurity is for your health, you can learn more about the change at NIST Updates Guidance for Health Care Cybersecurity. Even if you don’t live in a country where HIPAA applies, you can learn about what can be done to better protect patients’ information.