What Does the New HIPAA Safe Harbor Law Do?

The HIPAA Safe Harbor Bill was passed by the Senate in December 2020. As such, amendments have been made to the HITECH act, with the main aim focused on the Department of Health and Human Services to ensure best-practice cybersecurity, as per HIPAA requirements. 

What does the new HIPAA Safe Harbor Law do?

The new bill that has been passed means that the Department of Health and Human Services now has to look at the organization’s security in question whenever any HIPAA enforcement actions are conducted. It’s a must-do, that they look back twelve months and to detail all the relevant security practices that are in place.

Another part of the bill is that the HHS can also reduce fines or length of audits when it comes to any security incidents.

In relation to cybersecurity

With the HIPAA Safe Harbor Law, the aim of the bill is to try and promote cybersecurity. It’s no surprise that due to the internet’s increasing popularity, there are more threats from cyber attacks as a result. 

The risk of data being exposed, leaked, or stolen could happen with any business or organization of any size. No one is out of danger and so the bill will hopefully encourage these existing companies to do more when it comes to investing in their security efforts to help meet the standards of HIPAA.

By meeting these standards, it means it will be in the best interests for companies to do so in order to reduce fines and the length of audits taking place. Taking these steps and making positive changes to the standards of your organization’s cybersecurity, will show the level of care and attention taken when it comes to patient confidentiality.

For those that don’t meet the standards, the benefits above won’t be available to take advantage of. So it’s in the best interests of all businesses, to do what they can to meet the standards set out by this new bill.

What should your organization be doing?

So what does that mean for your organization? If you work in the healthcare industry and follow HIPAA compliance then it’s important to follow these next steps.

Firstly, you’ll want to find IT services in Arvada that will be able to provide cybersecurity services for your business. From this point onwards, you can create an IT strategy and plan to help strengthen your cybersecurity in line with the standards set by HIPAA. 

Being able to keep your network protected, and also the data of your patients, is key. Having an outsourced IT provider can be helpful in covering all situations, regardless of whether it’s business hours or not.

Hopefully, this passing of the bill will encourage more businesses to take cybersecurity seriously. It’s not only crucial for the business itself but also for all those that they’re responsible for when it comes to their confidential data. Now is not the time to do things by half measures when it comes to cybersecurity and improving it for the better.