Matt Fisher writes:
The Office for Civil Rights is promoting HIPAA as being able to prevent or substantially mitigate the impacts of a cyber attack. It is a bold statement from OCR and one that bears unpacking.
Why is OCR asserting that HIPAA can prevent or substantially mitigate a cyber attack? The primary answer is the Security Rule within HIPAA. Hopefully, many understand that the HIPAA Security Rule is broken into three components: administrative, technical, and physical. Those areas are further divided into required and addressable elements. The categories of safeguards are what OCR focused on in its assertion though.
OCR doesn’t necessarily limit its promotion of the Security Rule to any one aspect.
Read more at The Pulse.