News & Analysis as of

Covered Entities National Institute of Standards and Technology

Ankura

Operational Implications of the New Bulk Sensitive Data Executive Order

Ankura on

On February 28, 2024, President Biden signed Executive Order 14117 (the EO), on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” The United...more

Latham & Watkins LLP

President Biden’s Executive Order on Artificial Intelligence - Initial Analysis of Private Sector Implications

Latham & Watkins LLP on

The Order marks an ambitious effort to stand up a whole-of-government approach to encouraging the benefits and managing the risks of artificial intelligence, with many of its most significant private-sector implications...more

Sheppard Mullin Richter & Hampton LLP

Another Governor Signs: Tennessee Volunteers to Join the Privacy Patchwork

The Tennessee governor has signed Tennessee’s comprehensive privacy law, which as we have indicated will go into effect July 1, 2025. As initially proposed, the law would have been effective July 1, 2024, and would have...more

BakerHostetler

OCR releases YouTube Addressing “Recognized Security Practices” in HIPAA Enforcement Context

BakerHostetler on

As a Halloween treat for HIPAA-covered entities and business associates, on October 31, the Department of Health and Human Services Office for Civil Rights (OCR) released a new video on its YouTube channel, in which senior...more

K&L Gates LLP

Health Care Triage: Cybersecurity & HIPAA: NIST’s Practical Guidance Updates for Covered Entities and Business Associates

K&L Gates LLP on

In this episode, Rebecca Schaefer and J.D. Koesters review key components of the recent National Institute of Standards and Technology (NIST) revised publication regarding cybersecurity. They highlight how this resource...more

Baker Donelson

Office For Civil Rights Seeks Input on Implementation of HITECH Amendments

Baker Donelson on

On April 6, 2022, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) released a Request for Information (RFI) seeking public comment on "recognized security practices" and on sharing civil...more

Holland & Knight LLP

Get Ready for HIPAA Questions on Your Recognized Security Practices

Holland & Knight LLP on

An amendment to the Health Information Technology for Economic and Clinical Health (HITECH) Act was signed into law on Jan. 5, 2021, directing U.S. Health and Human Services (HHS) to consider "recognized security practices"...more

WilmerHale

Congress Passes Bill to Mitigate Penalties for Potential HIPAA Violations

WilmerHale on

On December 19, the Senate passed H.R.7898, which the House of Representatives had previously passed on December 9. This law amends the Health Information Technology for Economic and Clinical Health (HITECH) Act to require...more

Stoel Rives - Global Privacy & Security Blog®

NIST Releases a Standard for Privacy

As states fill the legal void for consumer privacy rights,[1] a new federal standard has emerged to assist companies with their compliance efforts. The National Institute of Standards and Technology (“NIST”) Privacy Framework...more

Fox Rothschild LLP

HIPAA Security And “Zero Day” Exploits: How To Stay Ahead Of The Hack

Fox Rothschild LLP on

HHS Office for Civil Rights (OCR)’s April 3, 2019 cybersecurity newsletter highlights one of the more challenging cybersecurity vulnerabilities faced by covered entities and business associates. OCR reminds covered entities...more

WilmerHale

Congress Begins Consideration of Comprehensive Federal Privacy Legislation

WilmerHale on

The enactment in June 2018 of California’s sweeping new privacy law, the California Consumer Privacy Act (CCPA), has both increased momentum for enactment of a general federal privacy law and spurred state legislatures to...more

Mitchell, Williams, Selig, Gates & Woodyard,...

Hospitals In The Crosshairs: Managing Cybersecurity Risk (Part 1)

From the recent headline-grabbing attacks on hospitals and municipalities, the specter of cybersecurity threats looms large. As a result, spending on cybersecurity initiatives is expected to reach $96 billion this year....more

Kilpatrick

Cyber Winter is Here, and Coming to Regulation: New York Cybersecurity Rule Ice Dragon Heading for the Wall

Kilpatrick on

The State of New York’s response to two large cybersecurity breaches may fuel the transformation of the state regulation of corporate cybersecurity in the U.S. Unlike typical state data breach statutes which focus on...more

Sheppard Mullin Richter & Hampton LLP

New York State Department of Financial Services Cybersecurity Regulation Poised to Reshape Existing Regulatory Landscape

In late December, New York State’s Department of Financial Services (“DFS”) released its revised proposed cybersecurity regulation (the “DFS Rule”). While the revisions pare back some of the DFS Rule’s original requirements...more

Poyner Spruill LLP

Tracking the Data Bandits

Poyner Spruill LLP on

In the iconic western, Butch Cassidy and the Sundance Kid, Butch and Sundance are hard pressed to evade a posse led by the semi-mythical lawman, Joe Lefors, who is so adept that he manages to track them across solid rock. The...more

Proskauer on Privacy

Financial Industry Groups Criticize New York Department of Financial Services Cybersecurity Proposal

Proskauer on Privacy on

As we previously reported, in September 2016 the New York Department of Financial Services (the “DFS”) proposed a regulation that would require banks, insurance companies and other financial services institutions regulated by...more

BakerHostetler

GAO Report Criticizes HHS’ HIPAA Cybersecurity Guidance and Program

BakerHostetler on

Recently, the Government Accountability Office (GAO) reviewed the U.S. Department of Health and Human Services’ (HHS) security and privacy oversight and identified significant gaps in the cybersecurity guidance provided by...more

Robinson+Cole Data Privacy + Security Insider

GAO Study Slams HHS For Lack of Guidance to Covered Entities

We watch closely for any guidance to HIPAA covered entities and business associates from the Department of Health and Human Services Office for Civil Rights (HHS/OCR). Why? Because there is so little of it. Lately, the only...more

Robinson+Cole Data Privacy + Security Insider

The Cyber Regulation Drops

On September 13, 2016, Governor Andrew Cuomo announced the first proposed broadly applicable cyber regulation in the U.S. (the “Regulation”). The Regulation covers banks, insurance companies and other financial institutions...more

Cooley LLP

Blog: GAO Criticizes HHS In Health Information Cybersecurity Report

Cooley LLP on

On Monday, the Government Accountability Office (“GAO”) released a report (the “Report”) criticizing the U.S. Department of Health and Human Services (“HHS”) security and privacy guidance and oversight in protecting...more

Fenwick & West LLP

Digital Health Care Alert: Is Your Health Care App subject to HIPAA? The U.S. Department of Health & Human Services’ Office for...

Fenwick & West LLP on

OCR’s Compliance Guidance for Health Care App Developers - The U.S. Department of Health & Human Services’ Office for Civil Rights (OCR) recently provided guidance (in the form of six “real-life” scenarios) to help...more

Winstead PC

How Recent Cybersecurity Government Publications Impact HIPAA Security Compliance and the New Audit Initiative

Winstead PC on

Cybersecurity Impacts on HIPAA Security Compliance and the New Audit Initiative - New Audit Initiative Items to Watch - While The HHS Office for Civil Rights recently announced its intent to perform a second...more

Winstead PC

Fiduciary Regulation and How Recent Cybersecurity Government Publications Impact HIPAA Security Compliance and the New Audit...

Winstead PC on

Fiduciary Regulation - The Office of Management and Budget released the final Fiduciary or Conflict of Interest regulation and related prohibited transaction exemption modifications from its review today. The next...more

Foley & Lardner LLP

Phase 2 of HIPAA Compliance Audits Now Underway

Foley & Lardner LLP on

The Office of Civil Rights (OCR) within the U.S. Department of Health and Human Services (DHHS) recently announced that it has initiated Phase 2 of its audit program to assess Covered Entities’ and Business Associate’s...more

Alston & Bird

HHS Issues HIPAA Security Rule Crosswalk with NIST Cybersecurity Framework

Alston & Bird on

Last week, the HHS Office for Civil Rights (OCR) released a crosswalk between the requirements of the HIPAA Security Rule and the NIST Cybersecurity Framework. ...more

26 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide