Steps Taken To Improve Electronic Protected Health Information
The Department of Health and Human Services (HHS) released a proposed rule that would modify the Health Insurance Portability and Accountability Act (HIPAA) Security Rule to strengthen cybersecurity protections for electronic protected health information (ePHI). Although the changes are substantial, they are only in proposed form at this point. The proposed changes focus on enhanced documentation (e.g. inventory and system mapping) and heightened technical safeguards (e.g., encryption, multifactor authentication, vulnerability scanning, and penetration testing).
Comment On The Proposed Change
HHS will accept comments on or before March 7, 2025, on this rule change. According to the website, comments may be submitted in the following ways:
Federal eRulemaking Portal: You may submit electronic comments at https://www.regulations.gov by searching for the Docket ID number HHS-OCR-0945-AA22. Follow the instructions at https://www.regulations.gov for submitting electronic comments. Attachments should be in Microsoft Word or Portable Document Format (PDF).
Regular, Express, or Overnight Mail: You may mail written comments to the following address only: U.S. Department of Health and Human Services, Office for Civil Rights, Attention: HIPAA Security Rule NPRM, Hubert H. Humphrey Building, Room 509F, 200 Independence Avenue SW, Washington, DC 20201. Please allow sufficient time for mailed comments to be timely received in the event of delivery or security delays.
Employers with self-insured health plans and those with fully insured health plans that have access to ePHI should monitor developments and plan to improve safeguards for ePHI if the changes are finalized. Contact us today for more resources.
Employee Benefits Compliance
While the rule change is still up for debate, any changes that are ultimately approved will require your business to be able to demonstrate its compliance. Reach out to an employee benefits compliance professional at https://www.siekmannco.com/ to discuss how to prepare for the rule change and more.
Comments