HIPAA Security Rule, Cybersecurity, Cyber Attacks

The Health Record - Healthcare Law Insights, V 2, Issue 4, April 2025

Spilman Thomas & Battle, PLLC on 4/8/2025

Welcome to our fourth issue of 2025 of The Health Record -- our healthcare law insights e-newsletter. In this edition, we look at prior authorization transparency and physician decision-making; the impact of Medicaid cuts...more

PEOs Need to Prepare for Increased Cybersecurity Requirements Thanks to Proposed HIPAA Security Rule Revisions

Fisher Phillips on 1/8/2025

With the HIPAA Security Rule set to undergo a massive overhaul to boost cybersecurity protections, PEOs need to take note. After all, as stewards of worksite employee and client company data – and as sponsors of group health...more

HHS Proposes Major Revisions to HIPAA Security Rule

Goodwin on 1/8/2025

On December 27, 2024, the Department of Health and Human Services (HHS) issued a notice of proposed rulemaking (NPRM) related to the Security Rule under the Health Insurance Portability and Accountability Act (HIPAA). ...more

Proposed Updates to HIPAA Security Rule Would Require Entities to Adopt Enhanced Cybersecurity Measures

Fisher Phillips on 1/7/2025

The HIPAA Security Rule may soon undergo a big overhaul that would better defend healthcare data from cybersecurity threats – and require much more from covered entities when it comes to establishing and maintaining defenses....more

OCR Says HIPAA Audits Will Resume: OIG Makes Recommendations for Enhancement

Foley & Lardner LLP on 12/10/2024

Recognizing the increasing number of successful cyberattacks targeting health care organizations and their valuable patient data, the Office of the Inspector General (OIG) is calling for enhancements to the HIPAA audit...more

Seven Years After Worldwide NotPetya Attacks, OCR Singles Out PA System, Collects Nearly $1M

Health Care Compliance Association (HCCA) on 8/21/2024

Unleashed on June 27, 2017, NotPetya caused an estimated $10 billion in damages globally, among the costliest ransomware attacks in history. In 2018, the Trump administration—in tandem with the British government—blamed...more

Employees’ Misdeeds, Lack of Risk Analysis Cost NY Hospital $4.75M; OCR Issues Warning

Health Care Compliance Association (HCCA) on 3/12/2024

Although the HHS Office for Civil Rights (OCR) described its recent $4.75 million agreement with a Bronx, New York, hospital as settling a “malicious insider cybersecurity investigation,” the agency considered a total of 11...more

Facing Escalating Attacks, AHA Presses OCR to Expedite Security Practices Rule

Health Care Compliance Association (HCCA) on 12/10/2021

Report on Patient Privacy 21, no. 12 (December, 2021) - Amid the letters of congratulations to new HHS Office for Civil Rights (OCR) Director Lisa Pino is a plea from the American Hospital Association (AHA): “victims” of...more

OCR Updates Ransomware Guidance

King & Spalding on 6/15/2021

On June 9, 2021, OCR distributed an update to those on its Privacy List sharing links to alerts and resources for addressing the growing number and size of ransomware incidents. One such resource included a White House memo...more

HIPAA Business Associate Pays $2.3 Million to Settle Breach Affecting Protected Health Information of Over 6 Million Individuals

Foley Hoag LLP - Security, Privacy and the... on 9/28/2020

With apologies to John Donne, ask not for whom the bells tolls, HIPAA business associates, it tolls for thee! While it has been the law for some time that business associates could be held directly liable for breaches,...more

HIPAA Security Rule › Cybersecurity › Cyber Attacks

"My best business intelligence, in one easy email…"