U.S. Healthcare Industry: Cybersecurity Regulatory and Compliance Issues

Derek Mohammed

Abstract


The health care industry is one of the most vital areas of critical infrastructure in the United States. In recent years, the health care industry has faced a barrage of cyberattacks that have disrupted vital services and exposed vast amounts of sensitive data. Federal regulations such as HIPAA and the HITECH Act were designed to protect this sensitive data, but are often left open to interpretation. For example, HIPAA mandates the protection of personal health information but gives little guidance on how to do it properly. Even with regulatory mandates, the health care industry continues to struggle to comply with current regulations. Various factors, such as budgetary constraints and the lack of cybersecurity professionals who understand the security needs of the health care industry, affect compliance. Also, within the health care industry there are various sectors, which are all governed by different sets of rules and regulations. This can create a level of confusion when trying to create a standard for the industry as a whole. The goal of this paper is to evaluate the current regulatory and compliance landscape of the U.S. health care system.

Keywords


Cyberattacks; Healthcare; HIPAA; HITECH; Personal Health Information





Copyright© 2015 Journal of Research in Business, Economics and Management. All rights reserved.

ISSN 2395-2210
