News & Analysis as of

Covered Entities Cybersecurity

Husch Blackwell LLP

Effective Dates Draw Near for Insurance Industry to Comply with NYDFS's Cybersecurity Rules

Husch Blackwell LLP on

As part of a multiyear rollout, the New York Department of Financial Services (NYDFS) has established May 1, 2025, and November 1, 2025, as effective dates for certain amendments to its cybersecurity regulations. These...more

Hinshaw & Culbertson - Privacy, Cyber & AI...

Are Your Cybersecurity Controls Ready for the New York State Department of Financial Services' Deadlines?

In November 2023, New York State's Department of Financial Services (NYDFS) amended its cybersecurity regulation, Part 500. This legal alert provides an update for Covered Entities and Class A Businesses on the current NYDFS...more

Davis Wright Tremaine LLP

Deadline Approaching: Covered Entities Must File Certifications of Compliance With Amended NYDFS Cyber Regulation by April 15

In November 2023, the New York Department of Financial Services (NYDFS) issued its second amendment to its "Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). This was the...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

Reminder: New York Cybersecurity Reporting Deadline April 15, 2025; New Regulations Effective May 1, 2025

Covered entities regulated by the New York State Department of Financial Services (NYDFS) must submit cybersecurity compliance forms by April 15, 2025. New sets of requirements for system monitoring and access privileges,...more

Health Care Compliance Association (HCCA)

$1.5M Warby Parker Fine a Holdover; OCR Focuses On Men in Sports, Antisemitism, ‘Biological Truth’

Nearly six years to the day that Warby Parker reported a breach affecting nearly 200,000 individuals, the HHS Office for Civil Rights (OCR) imposed a $1.5 million fine on the eyewear giant. Investigated by OCR under the Biden...more

Katten Muchin Rosenman LLP

NYDFS Annual Compliance Submissions Due April 15, 2025 and New Compliance Requirements Effective on May 1, 2025

As we previously reported, in 2023 the New York State Department of Financial Services (NYDFS) amended its cybersecurity regulation, 23 NYCRR 500 (or Part 500). As of November 1, 2024, Class A Companies and Covered Entities...more

Orrick, Herrington & Sutcliffe LLP

NYDFS reminds covered entities to submit notifications by April 15

On February 27, NYDFS reminded covered entities subject to the Cybersecurity Regulation to submit their annual compliance notifications for the 2024 calendar year. Covered entities must submit the compliance filing by April...more

Faegre Drinker Biddle & Reath LLP

Proposed HIPAA Security Rule Updates — Implications for Covered Entities and Their Information Security Programs

On January 6, 2025, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) published a notice of proposed rulemaking (Proposed Rule) updating the Health Insurance Portability and...more

King & Spalding

OCR Proposes Updates to Strengthen the HIPAA Security Rule

King & Spalding on

On December 27, 2024, the Office for Civil Rights (OCR) at HHS issued a Notice of Proposed Rulemaking (the Proposed Rule) intended to update the Security Rule under the Health Insurance Portability and Accountability Act...more

Epstein Becker & Green

Recent Developments in Health Care Cybersecurity and Oversight: 2024 Wrap Up and 2025 Outlook

Epstein Becker & Green on

As Cyberattacks targeting the health care sector have continued to intensify over the past year, including ransomware attacks that have resulted in major data breaches impacting health care organizations, the protection of...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

HHS Proposed Rule Would Increase Cybersecurity Requirements for Electronic Health Data

The U.S. Department of Health and Human Services (HHS) recently released a proposed rule to better protect electronic health data from cybersecurity threats. The proposed rule would apply to health plans, healthcare...more

Robinson+Cole Health Law Diagnosis

What to Know About the HHS HIPAA Security Standards Proposal

At the close of 2024, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) issued a Notice of Proposed Rulemaking (the Proposed Rule) to amend the Security Rule regulations established...more

Fisher Phillips

PEOs Need to Prepare for Increased Cybersecurity Requirements Thanks to Proposed HIPAA Security Rule Revisions

Fisher Phillips on

With the HIPAA Security Rule set to undergo a massive overhaul to boost cybersecurity protections, PEOs need to take note. After all, as stewards of worksite employee and client company data – and as sponsors of group health...more

Fisher Phillips

Proposed Updates to HIPAA Security Rule Would Require Entities to Adopt Enhanced Cybersecurity Measures

Fisher Phillips on

The HIPAA Security Rule may soon undergo a big overhaul that would better defend healthcare data from cybersecurity threats – and require much more from covered entities when it comes to establishing and maintaining defenses....more

Sheppard Mullin Richter & Hampton LLP

HHS’ Last-Minute Holiday Gift: Proposed Changes to the HIPAA Security Rule

The U.S. Department of Health and Human Services (“HHS”) issued a Notice of Proposed Rulemaking (the “Proposed Rule”) on December 27, 2024, to significantly amend HIPAA’s Security Rule, which sets forth the security standards...more

Fox Rothschild LLP

New Year, New HIPAA Security Rules Headed Your Way

Fox Rothschild LLP on

What better way to welcome the new year than with proposed new HIPAA Security Rules? As 2024 came to an end, the U.S. Department of Health and Human Services announced new proposed regulations to strengthen cybersecurity and...more

Foley Hoag LLP - Security, Privacy and the...

HHS Office for Civil Rights Proposes Measures to Strengthen Cybersecurity in Health Care Under HIPAA

The Department of Health and Human Services (HHS) has proposed significant modifications to the HIPAA Security Rule and the HITECH Act in an attempt to strengthen cybersecurity protections for electronic protected health...more

Goodwin

Congress Considers New Cybersecurity Legislation Adjunct to HIPAA

Goodwin on

In the wake of Change Healthcare’s February 2024 ransomware attack, which affected the protected health information (PHI) of at least 100 million individuals — the largest breach of PHI in history — the federal government’s...more

BakerHostetler

A New Budgetary Line Item for 2025 - New York-based Hospitals Should Plan Now for the Fiscal and Operational Costs Associated with...

BakerHostetler on

On October 2, the New York State Department of Health (NYSDOH) issued new cybersecurity regulations (Regulations) for all general hospitals in New York state (“hospitals”), creating a new Section 405.46 in Title 10 (Health)...more

Brooks Pierce

OIG Recommends Changes to HIPAA Audit Program to Strengthen Data Protections, Implications for Regulated Entities

Brooks Pierce on

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is required by law to perform periodic audits of covered entities and business associates to ensure their compliance with HIPAA Security Rule...more

Vinson & Elkins LLP

Proposed Cybersecurity Regulation Uncertain Under Trump Administration

Vinson & Elkins LLP on

Proposed cybersecurity regulation may face changes or challenges in view of the incoming Trump administration that is intent on reducing the perceived regulatory burden on American companies and streamlining government...more

White & Case LLP

NYDFS Releases Artificial Intelligence Cybersecurity Guidance For Covered Entities

White & Case LLP on

On October 16, 2024, the New York State Department of Financial Services (the "DFS"), under its Cybersecurity Regulation—23 NYCRR Part 500—issued a memorandum providing guidance on the risks posed by artificial intelligence...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - January 27th - 30th, Orlando, FL

HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

New York State Department of Financial Services Releases Guidance on Combating Cybersecurity Risks Associated With AI

On October 16, 2024, the New York State Department of Financial Services (NYDFS) released guidance highlighting the cybersecurity risks associated with artificial intelligence (AI) and how covered entities regulated by NYDFS...more

Hogan Lovells

DOJ proposes regulations limiting certain data transfers to protect national security

Hogan Lovells on

The U.S. remains on course to restrict a broad range of cross border data transfers to China, Russia, and other designated countries. On October 21, 2024, the Department of Justice (DOJ) issued a Notice of Proposed Rulemaking...more

366 Results
 / 
View per page
Page: of 15

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide