Final PHI Protection Rule Won't Mandate Encryption
The omnibus federal final rule that will cover changes to the HIPAA privacy, security, breach notification and enforcement rules will not include a mandate for encryption of protected health information, confirms Susan McAndrew, deputy director for health information privacy in the Department of Health and Human Services’ Office for Civil Rights.
[…]McAndrew wasn’t as clear when asked if the breach notification “harm threshold,” which enables an organization to not provide notification of a breach if it determines no consequential harm has or will result, will be eliminated in the final rule.
Read more on Health Data Management.