OCR Stresses Importance of Authentication in Newsletter

Robinson+Cole Data Privacy + Security Insider
Contact

In a recent newsletter, the Office for Civil Rights (OCR) encourages health care organizations to review their procedures around authentication and “ensure that they have the appropriate safeguards in place.”

The Newsletter, entitled What Type of Authentication is Right for You? states that “[O]ver the past years, the healthcare sector has been one of the biggest targets of cybercrime. Some of these cybercrimes resulted in breaches due to weak authentication, which has made healthcare entities take a second look at their safeguards and consider strengthening their authentication methods.”

According to the Newsletter, covered entities and business associates should:

  • Conduct an enterprise-wide risk assessment that can identify the vulnerabilities of their current authentication methods and practices
  • Consider implementing a form of authentication that is reasonable and appropriate for the size, complexity and capability of the organization
  • Depending on the results of the risk assessment, consider implementing different types of authentication, including single-factor authentication or multi-factor authentication

Although the Newsletter is sparse on detail, it certainly provides a heads up on the issues that the OCR is concerned with, and covered entities and business associates may wish to consider evaluating authentication methods used and consider changing them if appropriate.

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Robinson+Cole Data Privacy + Security Insider | Attorney Advertising

Written by:

Robinson+Cole Data Privacy + Security Insider
Contact
more
less

Robinson+Cole Data Privacy + Security Insider on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide