Proposed regulations may require employers to invest additional resources to safeguard group health plan participants’ protected health information.
In this installment of our blog series on the U.S. Department of Health...more
1/30/2025
/ Benefit Plan Sponsors ,
Business Associates ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Security Rule ,
NPRM ,
PHI ,
Reporting Requirements
There have been two important developments in the law applicable to the privacy and cybersecurity of group health plan participants’ health information. Plan sponsors must review plan policies and procedures, provider...more
10/2/2024
/ Benefit Plan Sponsors ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Department of Labor (DOL) ,
Employee Retirement Income Security Act (ERISA) ,
Employer Group Health Plans ,
Final Rules ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Personal Information ,
Policies and Procedures ,
Privacy Laws ,
Retirement Plan
The Department of Defense Inspector General (DoDIG) recently released its “Audit of the DoD’s Implementation and Oversight of the Controlled Unclassified Information [CUI] Program” (DODIG-2023-078). The audit highlights some...more
6/26/2023
/ Audits ,
Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Data Security ,
Department of Defense (DOD) ,
Federal Contractors ,
Reporting Requirements ,
Training ,
Vendors
As part of its efforts to protect an estimated $9.3 trillion in retirement plan assets from increasing “internal and external cybersecurity threats,” the Department of Labor (DOL) has issued its first guidance ever concerning...more