Proposed HIPAA Security Rule Updates Would Require Medicaid Plans to Increase IT Security Spending Within 240 Days
Federal regulators have proposed the first major updates to HIPAA security requirements since 2013, responding to a 1,000% increase in individuals affected by data breaches over five years. The proposed rule would impose more prescriptive compliance timelines and documentation requirements on all health plans and providers, including Medicaid MCOs, with most requirements taking effect within 240 days if finalized. While the rule's fate under the Trump administration remains uncertain, cybersecurity's bipartisan support may increase its survival chances compared to other late-Biden-era health regulations.
Managed Care
This is outside commentary from Manatt Health, not part of Medicaid Monitor's independently scored news coverage.
More from Manatt Health