One radiology group, Evansville, Ind.-based Radiology Business Management Association, expressed concern over the proposed rule, called the Health Insurance Portability and Accountability Act Security Rule to Strengthen the Cybersecurity of Electronic Protected Health Information, in a Feb. 28 letter to HHS.
“Many of the additional requirements outlined in the proposed rule could be cost prohibitive without generating a commensurate level of additional protection for individual patients, their providers or business associates,” RBMA President Pete Moffatt and co-executive directors Jessica Moffatt and Linda Wilgus wrote in the letter.
The organization cited the increasing reimbursement cuts experienced by the radiology industry, compared to other specialties, as reason for their concern.
“The estimated costs of compliance are substantial,” the letter said. “The new requirements could lead to further consolidation in the healthcare industry, driving up costs and disadvantaging smaller, independent practices.”
The proposed rule comes at a time when cyberattacks on the healthcare industry are surging. Among them, a radiology practice in North Carolina was forced to close its doors in February due to a cyberattack.
