On Jan. 6, 2025, the U.S. Department of Health and Human Services (HHS) proposed new regulations to enhance cybersecurity protections for electronic protected health information (ePHI) under the Health Insurance Portability...more
3/20/2025
/ Business Associates ,
Comment Period ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Security Rule ,
Incident Response Plans ,
Notice of Proposed Rulemaking (NOPR) ,
NPRM ,
Proposed Regulation ,
Regulatory Agenda ,
Regulatory Oversight ,
Regulatory Requirements ,
Risk Assessment ,
Technology Sector
In this week’s installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we are exploring the proposed updates...more
In this week’s installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we are exploring the proposed updates...more
2/13/2025
/ Cybersecurity ,
Data Privacy ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Security Rule ,
NPRM ,
Popular ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management
In this week’s installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we are tackling the proposed updates...more
2/7/2025
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Security Rule ,
Multi-Factor Authentication ,
NPRM ,
Regulatory Requirements ,
Technology
Bradley is launching a multipart blog series on the U.S. Department of Health and Human Services’ (HHS) proposed changes to strengthen cybersecurity protections for electronic protected health information (ePHI) regulated...more
1/16/2025
/ Compliance ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Employer Group Health Plans ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Security Rule ,
Notice of Proposed Rulemaking (NOPR) ,
NPRM ,
OCR ,
Risk Management
The healthcare sector is increasingly facing cyber-threats with ransomware and hacking at the forefront. In the last five years, there has been a staggering 256% rise in significant hacking-related breaches and a 264% surge...more
A recently introduced bill in the Florida Legislature would provide businesses operating in Florida, including health care providers, with a legal defense to data breach lawsuits if they maintain robust cybersecurity measures...more
1/25/2024
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Florida ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Legislative Agendas ,
New Legislation ,
New Regulations ,
NIST ,
Regulatory Agenda ,
Risk Management ,
Safe Harbors ,
State and Local Government ,
State Legislatures
The Department of Health & Human Services (HHS) released a concept paper outlining its strategy for improving cybersecurity infrastructure within the healthcare sector. The paper calls for proposing healthcare-specific...more
In July 2023, the Federal Trade Commission (FTC) and the U.S. Department of Health and Human Services Office of Civil Rights (OCR) sent a joint letter to approximately 130 hospital systems and telehealth providers raising...more
8/29/2023
/ Cybersecurity ,
Disclosure ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach Notification Rule ,
OCR ,
Risk Management ,
Technology Sector ,
Telehealth ,
Tracking Systems
Tennessee has joined the growing number of states that have enacted comprehensive data privacy laws. On the final day of this year’s legislative session, the Tennessee legislature passed the Tennessee Information Protection...more
5/16/2023
/ Carve Out Provisions ,
Consumer Privacy Rights ,
Covered Entities ,
Data Collection ,
Data Controller ,
Data Privacy ,
Data Protection ,
Health Insurance Portability and Accountability Act (HIPAA) ,
New Legislation ,
Privacy Laws ,
State and Local Government ,
State Privacy Laws ,
Tennessee