<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=118459&amp;fmt=gif">
Show all

Recent Cybersecurity Incident Prompts HIPAA Compliance Review

phone that reads HIPAA compliance

1.5 minute read

The recent cybersecurity incident affecting Change Healthcare, a unit of UnitedHealth Group, has prompted the U.S. Department of Health and Human Services (HHS) to take action. Due to the significant impact of this cyberattack, HHS' Office for Civil Rights (OCR) is conducting an investigation to determine whether these entities complied with the HIPAA Privacy, Security, and Breach Notification Rules. This includes assessing whether any protected health information (PHI) was compromised.

OCR is encouraging HIPAA-covered entities (health plans, health insurance issuers, and health care providers) and their associates to promptly review their cybersecurity measures “with urgency” to ensure that health information is protected. Employers using third-party vendors like third-party administrators (TPAs) and pharmacy benefit managers (PBMs), should verify their cybersecurity measures and ensure secure business associate agreements for electronic PHI.

 

Health Care Cyberattacks

On Feb. 21, 2024, Change Healthcare, a major health insurance platform in the U.S., was hit by a significant cyberattack, impacting millions of providers and patients nationwide. The incident, labeled one of the most disruptive attacks in history by cybersecurity experts, highlights the growing threat of ransomware and hacking in healthcare. In the past five years, there has been a 256% increase in hacking-related breaches reported to OCR, with hacking accounting for 79% of large breaches in 2023.

 

Compliance Resources

To help covered entities and business associates safeguard PHI and protect their systems from cyberattacks, the OCR has provided some helpful tools and resources.

Download the bulletin for more details.

New Call-to-action

National Insurance Services is not a law firm and no opinion, suggestion, or recommendation of the firm or its employees shall constitute legal advice. Readers are advised to consult with their own attorney for a determination of their legal rights, responsibilities and liabilities, including the interpretation of any statute or regulation, or its application to the readers’ business activities.

person sitting at computer screen that reads health insurance
Report Shows Workers Are Dissatisfied with Health Benefits
April 08, 2024
happy Asian family
Family-friendly Benefits in Demand
April 08, 2024
Mari Wagner

Mari Wagner

The greatest badge of success for Mari Wagner is when her customers reach out and let her know how appreciative they are of her help and services. Mari is dependable, driven, committed, and enjoys meeting new people. Mari joined the National Insurance Services (NIS) team after working with NIS for several years on mutual clients benefit plans. She finds that NIS has similar values and mindset to her own. As an Account Manager, Mari works with schools, cities, and counties in the Midwest Region. She is a licensed insurance agent with a background in sales, wellness, managing insurance pools, marketing, and consulting.