Knowledge Center
Episode 178: Pitfalls But Promise. The State of Healthcare Cybersecurity with Scott Mattila, COO & Chief Security Officer, Intraprise Health
September 23, 2022
WEDI responsed to the publication in July 2022 of the National Institute of Standards and Technology (NIST) Special Publication 21 NIST SP 800-66r2 ipd “Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide.” WEDI appreciates NIST developing this important resource and requesting public comments.
WEDI was formed in 1991 by then Department of Health and Human Services (HHS) Secretary Dr. Louis Sullivan to identify opportunities to improve the efficiency of health data exchange. WEDI was named in the HIPAA legislation as an advisor to the Secretary of HHS. Recognized and trusted as a formal advisor to the Secretary, WEDI is the leading authority on the use of health information technology (IT) to efficiently improve health information exchange, enhance care quality, and reduce costs. With a focus on advancing standards for electronic administrative transactions, and promoting data privacy and security, WEDI has been instrumental in aligning the industry to harmonize administrative and clinical data.
We applaud the NIST Applied Cybersecurity Division for its excellent work on this Resource Guide and for the many other resources the Division has developed to assist the industry meet cybersecurity challenges. With the publication of this draft Resource Guide, NIST was seeking feedback to assist in evaluating and improving one of the most important cybersecurity resources publicly available to the health care industry. We focused our comments on opportunities NIST has to augment the contents of the Resource Guide.