News & Analysis as of

HIPAA Security Rule Cybersecurity Protected Health Information

Nilan Johnson Lewis PA

Nine Steps Healthcare Entities Should Take to Prevent Cyberattacks

Nilan Johnson Lewis PA on

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently imposed a $1.5 million civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of eyewear, for...more

Epstein Becker & Green

Proposed Modernization of the HIPAA Security Rules

Epstein Becker & Green on

The HIPAA Security Rule was originally promulgated over 20 years ago. While it historically provided an important regulatory floor for securing electronic protected health information, the Security Rule’s lack of...more

Bradley Arant Boult Cummings LLP

HHS’s Proposed Security Rule Updates Could Require Group Health Plan Document Changes and New Plan Sponsor Security Practices

Proposed regulations may require employers to invest additional resources to safeguard group health plan participants’ protected health information. In this installment of our blog series on the U.S. Department of Health...more

Paul Hastings LLP

HHS OCR Releases Proposed Updates to HIPAA Security Rule

Paul Hastings LLP on

On December 27, 2024, the U.S. Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), announced a Notice of Proposed Rulemaking (NPRM) to amend the Security Standards for the Protection of...more

Stoel Rives - Global Privacy & Security Blog®

A Deeper Dive into the Proposed Modifications to the HIPAA Security Rule

“Through December 20, 2024, 575 security incidents involving unsecured protected health information affecting 500 or more individuals had been reported to Health and Human Services. Through the same date in 2023, 265...more

Wyrick Robbins Yates & Ponton LLP

Analyze This: OCR Kicks Off 2025 with Two New HIPAA Enforcement Actions Against Business Associates as Part of New Risk Analysis...

Just two weeks into the year, 2025 is already shaping up to be a busy year for privacy lawyers, especially those tasked with helping covered entities and business associates comply with the HIPAA Security Rule.  As we...more

Cozen O'Connor

Proposed Changes to the HIPAA Security Rule Will Have a Significant Impact on the Health Care Sector

Cozen O'Connor on

A few days ago, the U.S. Department of Health and Human Services (“HHS”), through its Office for Civil Rights, issued the proposed rule HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Protected Health...more

Whiteford

Client Alert: HIPAA Happenings: U.S. Department of Health and Human Services Proposes Updated HIPAA Cybersecurity Rules

Whiteford on

On January 6, 2025, the U.S. Department of Health and Human Services (“DHHS”) Office of Civil Rights (“OCR”) published a proposed rule entitled, “HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Health...more

Polsinelli

OCR Proposes Regulatory Facelift to the HIPAA Security Rule: Addressing the Current Cybersecurity Environment with More...

Polsinelli on

On January 6, 2025, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published a “Notice of Proposed Rulemaking,” HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Protected...more

Clark Hill PLC

HHS OCR Proposes Updates to the HIPAA Security Rule to Respond to Emerging Threats

Clark Hill PLC on

On Dec. 27, the Department of Health and Human Services (HHS) issued proposed updates to the HIPAA Security Rule to address evolving cybersecurity threats in healthcare. Introduced through a Notice of Proposed Rulemaking...more

Quarles & Brady LLP

Fresh From the Oven: OCR-HHS Issues a Notice of Proposed Rulemaking for the HIPAA Security Rule

Quarles & Brady LLP on

‘Tis the season for holiday baking and the elves at the U.S. Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), have been diligently crafting their own holiday treat. On December 27,...more

Wyrick Robbins Yates & Ponton LLP

Addressable No More: HHS Proposes Significant Changes to HIPAA Security Rule

On December 27, 2024, the Department of Health and Human Services (“HHS”) proposed substantial revisions to the 20-year-old HIPAA Security Rule. Comments on the proposal will be due within sixty days of its publication in the...more

Goodwin

Congress Considers New Cybersecurity Legislation Adjunct to HIPAA

Goodwin on

In the wake of Change Healthcare’s February 2024 ransomware attack, which affected the protected health information (PHI) of at least 100 million individuals — the largest breach of PHI in history — the federal government’s...more

Foley & Lardner LLP

OCR Says HIPAA Audits Will Resume: OIG Makes Recommendations for Enhancement

Foley & Lardner LLP on

Recognizing the increasing number of successful cyberattacks targeting health care organizations and their valuable patient data, the Office of the Inspector General (OIG) is calling for enhancements to the HIPAA audit...more

Saul Ewing LLP

Emergency Medical Service Provider Agrees to Pay a $90,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on

On November 1, 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a $90,000 settlement with Bryan County Ambulance Authority (“BCAA”), a provider of emergency medical...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - January 27th - 30th, Orlando, FL

HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more

Lippes Mathias LLP

Hospital Administrators – Is Your Hospital Cyber-Secure?

Lippes Mathias LLP on

On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more

BakerHostetler

Let’s Get Physical - OCR Issues Reminder that HIPAA Security Isn’t Just Technical

BakerHostetler on

While most entities that are subject to the HIPAA Security Rule spend considerable time and effort ensuring that they have implemented appropriate administrate and technical safeguards to protect the health information that...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - July 15th - 18th, Charlotte, NC

Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more

Health Care Compliance Association (HCCA)

OCR Ends Year With Settlements That Tread Old Ground, Says New Rules Are Coming—Someday

If the penultimate enforcement settlement of 2023 issued by the HHS Office for Civil Rights (OCR) sounds familiar, that’s with good reason. And the last one of the year should ring some bells, too....more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - May 8th - 11th, Chicago, IL

Healthcare Privacy Compliance Academy Overview - Designed for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy is ideal for practitioners who want a deeper...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - March 6th - 9th, Phoenix, AZ

Designed for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy is ideal for practitioners who want a deeper understanding of effective compliance management in a...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - December 5th - 8th, Anaheim, CA

Each Academy provides three-and-a-half days of classroom-style training covering the latest laws, regulations, and developments to help you effectively manage your organization’s compliance program. They are ideal for...more

Hanzo

HIPAA Compliance & the Role of Enterprise Information Archiving

Hanzo on

Most people have heard of the Health Insurance Portability and Accountability Act (HIPAA), so it’s not surprising that companies dealing with digital health information will have to be HIPAA compliant. To do so, any protected...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - August 22nd - 25th, Las Vegas, NV

Each Academy provides three-and-a-half days of classroom-style training covering the latest laws, regulations, and developments to help you effectively manage your organization’s compliance program. They are ideal for...more

33 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide