HHS security policies should focus on incentives, not penalties, health IT leaders say
The federal government needs to provide more resources and incentives to help healthcare organizations better protect their IT systems and data from cyberattacks, according to health IT security leaders.Currently, the Department of Health and Human Services privacy and security standards are too focused on compliance and are unduly punitive to healthcare provider organizations when a breach occurs, they said. It is vital that Congress and HHS identify a pathway for ensuring providers do not unduly shoulder the burden of protecting...