News & Analysis as of

Cybersecurity Risk Assessment Office of Civil Rights

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Shook, Hardy & Bacon L.L.P.

OCR Enforcement Activity: Trends and Insights From a Limited Sample

Shook, Hardy & Bacon L.L.P. on

Arecent report put the odds of an asteroid hitting the earth in December 2032 at 3.1%—which is 3,100 times more likely than an organization resolving an enforcement action with the U.S. Department of Health and Human...more

Saul Ewing LLP

Seeing is Believing: A Civil Money Penalty With Warby Parker Following Cybersecurity Incident

Saul Ewing LLP on

On February 20, 2025, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a $1.5 million civil money penalty (CMP) against Warby Parker, Inc. (WP). WP is a manufacturer and online...more

Carlton Fields

Cybersecurity May Be OCR’s New Year’s Resolution

Carlton Fields on

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) appears to have made cybersecurity its New Year’s resolution. The first few weeks of 2025 have already brought with them proposed amendments to...more

Jackson Lewis P.C.

OCR Proposed Tighter Security Rules for HIPAA Regulated Entities, including Business Associates and Group Health Plans

Jackson Lewis P.C. on

As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It...more

Lippes Mathias LLP

Hospital Administrators – Is Your Hospital Cyber-Secure?

Lippes Mathias LLP on

On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more

Clark Hill PLC

The Value of an Effective HIPAA Compliance Program Amid OCR HIPAA Audits

Clark Hill PLC on

In 2024, the U.S. Department of Health and Human Services Office of Civil Rights (“OCR”) Director Melanie Fontes Rainer announced that OCR will resume auditing Health Information Portability and Accountability Act (“HIPAA”)...more

Ankura

Navigating the Fallout: Essential Insights for Healthcare Companies in Light of the Change Healthcare Cyber Breach

Ankura on

The cyber breach at Change Healthcare in 2024 stands out as one of the most significant cyber-attacks in recent memory. Its repercussions extend far beyond immediate industry disruptions, resonating deeply in regulatory...more

Jackson Lewis P.C.

Key Takeaways for Healthcare Providers Following HHS OCR’s Most Recent Ransomware Investigation

Jackson Lewis P.C. on

Announcing its fourth ransomware cybersecurity investigation and settlement, the Office for Civil Rights (OCR) also observed there has been a 264% increase in large ransomware breaches since 2018....more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - July 15th - 18th, Charlotte, NC

Health Care Compliance Association (HCCA) on

Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more

Paul Hastings LLP

HHS’ Civil Rights Office Reaches Second-Ever Ransomware Settlement

Paul Hastings LLP on

The Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently announced a settlement under the Health Insurance Portability and Accountability Act (HIPAA) with Green Ridge Behavioral Health, LLC...more

Paul Hastings LLP

Data Breaches Exposing Protected Health Information Are Surging

Paul Hastings LLP on

The number of large data breaches, those involving 500 or more people, exposing protected health information has increased exponentially in the last few years, and ransomware and hacking are the primary cyber threats in...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

Federal Regulators Unveil Revised Final Guidance for Healthcare Cybersecurity and HIPAA Compliance

Ogletree, Deakins, Nash, Smoak & Stewart,... on

On February 14, 2024, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) published a new, final version of their guidance for...more

Saul Ewing LLP

New Cybersecurity Guide Released

Saul Ewing LLP on

On February 16, 2024, the HHS Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) published a final version of the cybersecurity resource guide (the “Guide”) with respect to the HIPAA...more

Health Care Compliance Association (HCCA)

[Event] Regional Compliance & Ethics Conference - February 22nd - 23rd, Anchorage, AK

Health Care Compliance Association (HCCA) on

Looking for compliance education and networking in your area? SCCE & HCCA’s Regional Compliance & Ethics Conferences bring compliance practitioners from all disciplines together for convenient, local compliance education....more

Society of Corporate Compliance and Ethics...

[Event] Regional Compliance & Ethics Conference - February 22nd - 23rd, Anchorage, AK

Society of Corporate Compliance and Ethics... on

Looking for compliance education and networking in your area? SCCE & HCCA’s Regional Compliance & Ethics Conferences bring compliance practitioners from all disciplines together for convenient, local compliance education....more

Health Care Compliance Association (HCCA)

11 Years After First Disclosure, L.A. Care Pays $1.3M, Says ‘Processing Errors’ Caused Breaches

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 23, no. 10 (October, 2023) By 2016, it should have been clear to HIPAA covered entities that a security risk analysis—and corresponding risk management plan—were compliance basics. Yet, a new...more

Kerr Russell

Cybersecurity for Medical Practices: Addressing the HIPAA in the Room

Kerr Russell on

Cybersecurity attacks, such as malware, phishing emails, and password attacks, are a growing threat to patients and medical practices. Cyber attacks can significantly disrupt patient care, including by exposing confidential...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - March 6th - 9th, Phoenix, AZ

Health Care Compliance Association (HCCA) on

Designed for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy is ideal for practitioners who want a deeper understanding of effective compliance management in a...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - December 5th - 8th, Anaheim, CA

Health Care Compliance Association (HCCA) on

Each Academy provides three-and-a-half days of classroom-style training covering the latest laws, regulations, and developments to help you effectively manage your organization’s compliance program. They are ideal for...more

Foley & Lardner LLP

NIST Releases Draft Cybersecurity Resource Guide on Implementing the HIPAA Security Rule

Foley & Lardner LLP on

The National Institute of Standards and Technology (NIST) has released an initial draft of Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide (Resource...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - August 22nd - 25th, Las Vegas, NV

Health Care Compliance Association (HCCA) on

Each Academy provides three-and-a-half days of classroom-style training covering the latest laws, regulations, and developments to help you effectively manage your organization’s compliance program. They are ideal for...more

Mintz - Health Care Viewpoints

Have You Updated Your HIPAA Security Risk Assessment Lately?

Mintz - Health Care Viewpoints on

Last week, the HHS Office for Civil Rights (OCR) and the Office of the National Coordinator for Health Information Technology (ONC) hosted a webinar on the HIPAA Security Risk Assessment Tool (SRA Tool or the Tool). The...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - September 27th - 30th, Austin, TX

Health Care Compliance Association (HCCA) on

Each Academy provides three-and-a-half days of classroom-style training covering the latest laws, regulations, and developments to help you effectively manage your organization’s compliance program. They are ideal for...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - August 2nd - 5th, Seattle, WA

Health Care Compliance Association (HCCA) on

Each Academy provides three-and-a-half days of classroom-style training covering the latest laws, regulations, and developments to help you effectively manage your organization’s compliance program. They are ideal for...more

NAVEX

4 Ways to Protect ePHI Beyond HIPAA Compliance

NAVEX on

Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more

47 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide