Signed into law on January 5, 2021, Public Law 116-321 requires HHS to take into consideration certain recognized security practices of covered entities and business associates when determining potential fines, audit results, or other remedies for resolving potential violations of the HIPAA Security Rule. Dawn Morgenstern, Chief Privacy Officer and Director of Consulting Services, Clearwater, speaks with Aleksandra Vold, Partner, Baker & Hostetler LLP, about Public Law 116-321’s impact on OCR investigations, how covered entities and business associates are approaching the question of recognized security practices, and recommended frameworks for meeting the expectations of Public Law 116-321.
In this episode, we discuss the critical role of Endpoint Detection and Response (EDR) systems in cybersecurity, particularly in healthcare. We explore the concept of 'EDR killers'—malicious software designed to disable EDR solutions—and the conditions that make these attacks successful.
