On December 2, 2020, the healthcare industry received some very exciting news as the Department of Health and Human Services (HHS) Office of Inspector General (OIG) published the Stark Law regulation’s final rule that “amends the safe harbors to the federal anti-kickback statute by adding new safe harbors and modifying existing safe harbors that protect certain payment practices and business arrangements from sanctions under the anti-kickback statute.”
One of the most significant changes relates to Cybersecurity Technology and Related Services 42 CFR 1001.952(jj). The new rule will allow healthcare institutions to donate access to cybersecurity technology and services to their affiliated providers—a major win for the industry and for the many health system cybersecurity executives who have driven this very important change. As healthcare organizations continue to be the most exposed industry to cyber attacks in 2020, this announcement couldn’t have come at a better time.
The amended rule takes effect on January 19, 2021, and many healthcare organizations will have to determine how the changes may affect them. Some key business questions they may want to address include:
The healthcare industry still has a long way to go to reduce the onslaught of cyberattacks that threaten the healthcare market. But allowing larger healthcare organizations to leverage their knowledge, experience, and resources will kick-start much-needed improvements in the protection of patient information and healthcare operations. Thank you, OIG!
Cyvatar is a company dedicated to fixing cybersecurity. It’s subscription-based cybersecurity-as-a-service (CSaaS) offering combines trusted security advisors and proven solutions that provide assessment, implementation, continuous monitoring, maintenance, AND remediation…all within a fixed-price plan. Learn more here.