U.S. Healthcare Industry: Cybersecurity Regulatory and Compliance Issues

  • Derek Mohammed Saint Leo University, School of Business, Florida, 33544
Keywords: Cyberattacks, Healthcare, HIPPA, HITECH, Personal Health Information

Abstract

The health care industry is one of the most vital areas of critical infrastructure in the United States. In recent years, the healthcare industry has faced a barrage of cyberattacks that have disputed vital services and exposed vast amounts of sensitive data. Federal regulations such as HIPPA and the HITECH act were designed to protect this sensitive data, but often are left open for interpretation. For example, HIPPA mandates the protection of personal health information but gives little guidance on how to do it properly. Even with regulatory mandates, the health care industry continues to struggle with complying with current regulations. Various factors such as budgetary constraints and the lack of cybersecurity professionals who understand the security needs of the health care industry affect compliance. Also within the health care industry, there are various sectors which are all governed by different sets of rules and regulations. This can create a level of confusion when trying to create a standard for the industry as a whole. The goal of this paper is to evaluate the current regulatory and compliance landscape of the U.S. health care system.

Downloads

Download data is not yet available.

References

Andre, T. (2017). Cybersecurity: An Enterprise Risk Issue. Healthcare Financial Management, 71(2), 1-6.

Chaudhary, R., & Hamilton, J. (2016). Internal Audit’s Critical Role in Cybersecurity. New Perspectives on Healthcare Risk

Management, Control & Governance, 35(2), 20-29.

Cohen, M. F. (2016). Impact of the HITECH financial incentives on EHR adoption in small, physician-owned practices. International Journal of Medical Informatics, 94, 143-154.

Conaty-Buck, S. (2017). Cybersecurity and healthcare records. American Nurse Today, 12(9), 62.

Douglas, P. C. (2015). Cyber Risk Management: Do You Know Your Threat Sources? Add more precision to your security framework. New Perspectives on Healthcare Risk Management, Control & Governance, 34(3), 27-29.

Lanz, J. (2016). Bolster your data defenses. Journal of Accountancy, 222(2), 22-24.

PWC. (2016). Surviving seismic change: Winning a piece of the $5 trillion US health ecosystem. Retrieve from: https://www.pwc.com/us/en/health-industries/health-research-institute/publications/pdf/pwc-hri-health-industry-changes.pdf.

Rechtman, Y., & Rashbaum, K. (2015). HIPAA Security Rule - Demystified. CPA Journal, 85(4), 68-70.

Schulke, D. F. (2013). The regulatory arms race: Mobile-health applications and agency posturing. Boston University Law Review, 93(5), 1699-1752.

Shoffner, M., Owen, P., Mostafa, J., Lamm, B., Wang, X., Schmitt, C. P., & Ahalt, S. C. (2013). The Secure Medical Research Workspace: An IT Infrastructure to Enable Secure Research on Clinical Data. CTS Journal , 6(3), 222-225.

Whitman, M. E., & Mattord, H. J. (2016). Management of Information Security. Boston, MA.

Published
2017-12-07
How to Cite
Mohammed, D. (2017). U.S. Healthcare Industry: Cybersecurity Regulatory and Compliance Issues. Journal of Research in Business, Economics and Management, 9(5), 1771-1776. Retrieved from http://www.scitecresearch.com/journals/index.php/jrbem/article/view/1347
Issue
Vol 9 No 5: JRBEM
Section
Articles

TRANSFER OF COPYRIGHT

JRBEM is pleased to undertake the publication of your contribution to Journal of Research in Business Economics and Management.

The copyright to this article is transferred to JRBEM(including without limitation, the right to publish the work in whole or in part in any and all forms of media, now or hereafter known) effective if and when the article is accepted for publication thus granting JRBEM all rights for the work so that both parties may be protected from the consequences of unauthorized use.