HHS Rule Changes Allow for Cybersecurity Donations

Gov Info Security

Marianne Kolbasuk McGee

Federal regulators have issued detailed final rules containing provisions that allow hospitals and healthcare delivery systems to donate cybersecurity technology, such as software, hardware and services, to physician practices.

The cybersecurity exceptions are contained in a 627-page final rule issued on Friday by the Department of Health and Human Services' Centers for Medicare and Medicaid Services and a 1,049-page final rule issued by the HHS Office of Inspector General modifying so-called Stark Law and federal anti-kickback regulations.

"We believe that a primary reason that an entity would provide cybersecurity technology and related services to a physician is to protect itself from cyberattacks," HHS writes. "However, we recognize that donated cybersecurity technology and services may have value for a physician recipient insomuch as the recipient would be able to use his or her resources for needs other than cybersecurity expenses."

HHS also notes...

Get the Morning Update

Thanks for subscribing!