There’s no denying that cyber attacks have impacted the healthcare industry. One health IT organization thinks that HIPAA does not do enough to protect patients. “Healthcare is deemed a critical infrastructure by the Department of Homeland Security (DHS) and as such, patient safety and patient data should be viewed as a public good; protecting those things should be a national priority,” said the College of Healthcare Information Management Executives (CHIME) in a March 1 letter to Senator Lamar Alexander, chairman of the U.S. Senate Committee on Health, Education, Labor, and Pensions. The industry group acknowledges that health IT has made delivering care more efficient and informed, but that “as patient health data becomes digital and more fluid, we must ensure the implementation of stringent privacy and security standards.” CHIME offers many recommendations for HHS and its subsidiaries to strengthen measures and go beyond HIPAA audits. Suggestions include: “Providers must be able to maximize protections allowed under business associates agreements [BAAs] by redistributing responsibility for security more evenly among covered entities and their business associates [BAs],” advised the CHIME letter. Read the CHIME letter to the U.S. Senate at https://chimecentral.org/wp-content/uploads/2019/03/CHIME-Response-to-HELP-on-Health-CostsvFINAL.pdf.