NIST Accepting Comments on HIPAA
Many complaints about regulatory framework for various industries revolve around the lack of consideration taken by regulators for real-world scenarios. This can be alleviated when participating in request for comments process most regulations seek before being officially published. Presently, NIST is planning to update its Introductory Resource Guide for Implementing the HIPAA Security Rule, and it is seeking comments from industry stakeholders on proposed changes, including real-world applications.
The guide was initially published in 2008, and today NIST is urging stakeholders to provide comment on the guide’s purpose to inform readers on the information security terms outlined in HIPAA and to increase overall awareness of NIST-provided cybersecurity resources that are pertinent to the Security Rule.
NIST officials are hoping to benefit from comments based on real-world experiences to better shape the framework and determine where improvements can be made.
You also have a chance to share the resources you use to implement the HIPAA Security Rule, as well as how entities like your organization simultaneously manage compliance and security, assess PHI risk and analyze the effectiveness of security measures.
These and other comments will be accepted until June 15, 2021, and will be incorporated into a planned update to the guidance, where applicable. NIST will then publish draft guidance for public review and additional comment.
As apps and other digital technologies play an increased role in healthcare, HIPAA and its effectiveness has been viewed with additional scrutiny. HIPAA went into effect before these tools were invented, so the rule lacks some components to building an effective privacy and security program. The Department of Health and Human Services has proposed amendments to the rule that would address these gaps, but it will take Congressional action to put them into action.
Join forces with 2W Tech to help protect your clients’ sensitive healthcare data. We have a Cybersecurity Compliance Program that is designed to support our clients’ compliance obligations. Call us today to maintain your HIPAA compliance.