The U.S. Department of Health and Human Services (“HHS”) issued a Notice of Proposed Rulemaking (the “Proposed Rule”) on December 27, 2024, to significantly amend HIPAA’s Security Rule, which sets forth the security standards...more
1/6/2025
/ Business Associates ,
Covered Entities ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Security Rule ,
NPRM ,
Privacy Laws ,
Proposed Rules ,
Regulatory Requirements ,
Rulemaking Process
On November 6, 2023, the Centers for Medicare and Medicaid Services (“CMS”) released the contract year 2025 proposed rule for Medicare Advantage (“MA”) organizations and Part D sponsors (the “Proposed Rule”). The Proposed...more
In May, the Federal Trade Commission (“FTC”) proposed changes (the “Proposed Rule”) to the Health Breach Notification Rule (the “Rule”), which, among other items, emphasize that the Rule applies to mobile health applications...more
6/30/2023
/ Data Privacy ,
Data Protection ,
Data Security ,
Digital Health ,
Federal Trade Commission (FTC) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach Notification Rule ,
Mobile Health Apps ,
Privacy Laws ,
Proposed Amendments ,
Proposed Rules ,
Technology Sector
On June 16, 2023, nearly half of the State Attorneys General penned a letter (the “Letter”) to the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) advocating for broader privacy protections...more
The Centers for Medicare & Medicaid Services (“CMS”), on behalf of the U.S. Department of Health and Human Services (“HHS”), recently issued a proposed rule to adopt standards under the Health Insurance Portability and...more
The U.S. Department of Health and Human Services (“HHS”) has announced proposed changes (the “Proposed Rule”) to 42 C.F.R. Part 2 (“Part 2”). While the Health Insurance Portability and Accountability Act (“HIPAA”) governs the...more