ACR Urges Reworking of HIPAA Security Rule Proposals

The American College of Radiology® (ACR®) recommended to the U.S. Department of Health and Human Services (HHS) that it rescind or otherwise rework its proposed rule to revise cybersecurity requirements within the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. If finalized, it would likely result in significant compliance costs and burdens at a time of decreased reimbursement and increased practice expenses.

The proposed rule, published late last year by the Biden administration, was widely criticized as rushed and indiscriminate. ACR emphasized its strong support for enhancing cybersecurity in the healthcare sector in general, but noted the proposal needs revision to reflect the various roles, available resources, and good faith compliance efforts of the disparate affected parties. The College suggested HHS should extensively engage the physician community to inform its future policy proposals and establish help centers that provide cybersecurity assistance to providers and small entities.

For more information or if you have questions about ACR’s comment letter, contact Michael Peters, ACR Senior Director, Government Affairs.

Related ACR News

States Begin to Introduce Bills for 2026
States launch 2026 sessions with new bills on AI governance, rural radiation therapy, imaging workforce standards, and dose rules.
Read more
Feds Release New Independent Dispute Resolution Fees
Federal agencies announce 2026 IDR entity fees: 7 increased, 6 unchanged, 2 decreased; $115 administrative fee remains.
Read more
CMS Issues Updated Guidance on WISeR Model
CMS issues WISeR Model update with new FAQs and Provider Guide released.
Read more

ACR Urges Reworking of HIPAA Security Rule Proposals

Related ACR News

Loading component...

Related ACR News

Get the Latest ACR News