Security News > 2020 > May > New third-party healthcare data rules: Increased access alongside privacy considerations

In early March, as COVID-19 impacted areas of the U.S., new healthcare data rules were issued by the Department of Health and Human Services' Office of the National Coordinator for Health Information Technology and Centers for Medicare & Medicaid Services to "Give patients unprecedented safe, secure access to their health data" so that they can better manage their care.

Under the purview of HIPAA and new breeds of state privacy laws and regulations, these apps will need to be built with security and privacy in mind, governed with the right controls, and provide appropriate patient verification and authentication.

The new rules are intended to empower patients to have greater control over their health data, access to their health information and share their information when and with whom they desire.

A data breach from these types of applications could trigger catastrophic impacts, such as reputational damage if sensitive patient information is leaked, or fraud results from malicious access to financial information.

Today, a batch of highly-detailed healthcare data on the Dark Web is priced between $100 - 500, according to RSA. Compare that to stolen bank account credentials that range in price from $3 - 24 and you see why patient data is a target for cybercrime.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/t4i6pgcg-HE/