Tech »  Topic »  HHS Urges Health Sector to Harden Security of PHI, Devices

HHS Urges Health Sector to Harden Security of PHI, Devices

2 hours ago   bankinfosecurity

Feds Pushing HIPAA Regulated Entities to Bolster Security Risk Management Marianne Kolbasuk McGee (HealthInfoSec) • January 19, 2026

HHS is urging HIPAA covered entities, like hospitals and their third-party business associates, to "harden" the security of their IT systems, software and medical devices. (Image: Getty Images)

Federal regulators are advising regulated healthcare firms and third-party vendors to harden their systems, software and medical devices to better safeguard protected health information.

See Also: The Healthcare CISO's Guide to Medical IoT Security

That includes ensuring that organizations continually patch vulnerabilities, update software, properly configure security settings and disable or remove unneeded software.

Easier said than done, acknowledged guidance the U.S. Department of Health and Human Services' Office for Civil Rights issued. "Defining, creating and applying system hardening techniques is not a one-and-done exercise," it said.

Hardening is a necessary measure for protecting data privacy and security - but also in protecting patient ...


Copyright of this story solely belongs to bankinfosecurity . To see the full text click HERE