News & Analysis as of

Covered Entities Data Privacy

Porter Hedges LLP

DOJ Issues Data Security Program Compliance Guide

Porter Hedges LLP on

On April 11, 2025, the U.S. Department of Justice’s National Security Division (NSD) issued a Compliance Guide to provide additional information to assist companies and individuals in complying with the NSD’s Data Security...more

Pagefreezer

HIPAA Regulations & Business Associate Agreements In The Age Of Digital Collaboration

Pagefreezer on

The healthcare industry has come up against unprecedented pressure in recent years. Digital transformation has had a significant role to play when it comes to creating the efficiency needed to deal with the challenges of a...more

Holland & Hart LLP

E-mailing and Texting PHI: Beware HIPAA

Holland & Hart LLP on

The HIPAA Privacy and Security Rules require covered entities (including healthcare providers and health plans) and their business associates to protect patient information stored or transmitted electronically, including...more

Health Care Compliance Association (HCCA)

$1.5M Warby Parker Fine a Holdover; OCR Focuses On Men in Sports, Antisemitism, ‘Biological Truth’

Nearly six years to the day that Warby Parker reported a breach affecting nearly 200,000 individuals, the HHS Office for Civil Rights (OCR) imposed a $1.5 million fine on the eyewear giant. Investigated by OCR under the Biden...more

Katten Muchin Rosenman LLP

NYDFS Annual Compliance Submissions Due April 15, 2025 and New Compliance Requirements Effective on May 1, 2025

As we previously reported, in 2023 the New York State Department of Financial Services (NYDFS) amended its cybersecurity regulation, 23 NYCRR 500 (or Part 500). As of November 1, 2024, Class A Companies and Covered Entities...more

Orrick, Herrington & Sutcliffe LLP

NYDFS reminds covered entities to submit notifications by April 15

On February 27, NYDFS reminded covered entities subject to the Cybersecurity Regulation to submit their annual compliance notifications for the 2024 calendar year. Covered entities must submit the compliance filing by April...more

Davis Wright Tremaine LLP

New Administration Outlook: Trump Orders and the Impact on Reproductive Healthcare

On January 24, 2025, President Trump issued an Executive Order, titled "Enforcing the Hyde Amendment," revoking President Biden's two Executive Orders 14076 (July 8, 2022) and 14079 (August 3, 2022) that federally protected...more

Baker Donelson

OCR Issues "Dear Colleagues" Letter Regarding AI in Medicine

Baker Donelson on

On May 6, 2024, OCR published the final rule interpreting and implementing Section 1557 at 45 C.F.R. § 92 (the Final Rule). The Final Rule regulates the use of patient care decision support tools, including AI algorithms for...more

Faegre Drinker Biddle & Reath LLP

Proposed HIPAA Security Rule Updates — Implications for Covered Entities and Their Information Security Programs

On January 6, 2025, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) published a notice of proposed rulemaking (Proposed Rule) updating the Health Insurance Portability and...more

Epstein Becker & Green

Recent Developments in Health Care Cybersecurity and Oversight: 2024 Wrap Up and 2025 Outlook

Epstein Becker & Green on

As Cyberattacks targeting the health care sector have continued to intensify over the past year, including ransomware attacks that have resulted in major data breaches impacting health care organizations, the protection of...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

HHS Proposed Rule Would Increase Cybersecurity Requirements for Electronic Health Data

The U.S. Department of Health and Human Services (HHS) recently released a proposed rule to better protect electronic health data from cybersecurity threats. The proposed rule would apply to health plans, healthcare...more

Robinson+Cole Health Law Diagnosis

What to Know About the HHS HIPAA Security Standards Proposal

At the close of 2024, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) issued a Notice of Proposed Rulemaking (the Proposed Rule) to amend the Security Rule regulations established...more

Fisher Phillips

PEOs Need to Prepare for Increased Cybersecurity Requirements Thanks to Proposed HIPAA Security Rule Revisions

Fisher Phillips on

With the HIPAA Security Rule set to undergo a massive overhaul to boost cybersecurity protections, PEOs need to take note. After all, as stewards of worksite employee and client company data – and as sponsors of group health...more

Fisher Phillips

Proposed Updates to HIPAA Security Rule Would Require Entities to Adopt Enhanced Cybersecurity Measures

Fisher Phillips on

The HIPAA Security Rule may soon undergo a big overhaul that would better defend healthcare data from cybersecurity threats – and require much more from covered entities when it comes to establishing and maintaining defenses....more

Troutman Pepper Locke

HIPAA Security Rule Revamp Is on the Horizon

Troutman Pepper Locke on

On January 6, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published significant proposed amendments (proposed rule) to the Security Rule under the Health Insurance Portability and...more

Fox Rothschild LLP

New Year, New HIPAA Security Rules Headed Your Way

Fox Rothschild LLP on

What better way to welcome the new year than with proposed new HIPAA Security Rules? As 2024 came to an end, the U.S. Department of Health and Human Services announced new proposed regulations to strengthen cybersecurity and...more

Davis Wright Tremaine LLP

Whether Naughty or Nice, Compliance Deadline for HIPAA Reproductive Care Privacy Is Coming to Town

We just want to provide a friendly reminder that, before key staff depart for the holidays, HIPAA covered entities and business associates should finalize their compliance with the 2024 HIPAA amendments related to...more

Holland & Knight LLP

HIPAA Tidings: A Look at OCR's Recent Enforcement Actions

Holland & Knight LLP on

In addition to holiday celebrations, the month of December typically ushers in a final round of enforcement actions by the U.S. Department of Health and Human Services' (HHS) Office of Civil Rights (OCR), and 2024 is no...more

Mintz - Privacy & Cybersecurity Viewpoints

Nebraska’s Consumer Privacy Law Takes Effect Soon and Targets Businesses Selling Personal Data

We are moving westward this week from Iowa to Nebraska in our series of articles providing in-depth summaries of state consumer privacy laws taking effect across the nation. Nebraska Governor Jim Pillen (R) signed the...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - January 27th - 30th, Orlando, FL

HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more

Mintz - Privacy & Cybersecurity Viewpoints

Just Around the Corner, Iowa’s Consumer Privacy Law Taking Effect

Iowa is next up in our series of articles providing in-depth summaries of state consumer privacy laws taking effect across the nation. On March 28, 2023, Iowa Governor Kim Reynolds (R) signed into law Senate File 262...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

New Jersey Joins Data Privacy Party - New Jersey Data Protection Act Becomes Effective in January 2025

Signed into law at the beginning of 2024, colloquially known as the New Jersey Data Protection Act (NJDPA), N.J. Stat. § 56:8-166.4 et seq. will go into effect on January 15, 2025, as New Jersey joins eighteen other states...more

Vorys, Sater, Seymour and Pease LLP

Just Say No!  HIPAA and Requests for Reproductive Health Information

On April 22, 2024, the Office of Civil Rights issued a Final Rule titled HIPAA Privacy Rule to Support Reproductive Health Care Privacy (2024 Final Privacy Rule). Originally Published by the American Bar Association....more

Health Care Compliance Association (HCCA)

BAAs: If and when third parties receiving PHI for research qualify as BAs under HIPAA

A business associate agreement (BAA) is a written contract between a covered entity (CE) and a business associate (BA) that—among other requirements—(1) establishes the permitted and required uses and disclosures of protected...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - December 9th - 12th, San Diego, CA

HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more

198 Results
 / 
View per page
Page: of 8

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide