News & Analysis as of

HIPAA Security Rule Cybersecurity Risk Management

Frost Brown Todd

Proposed HIPAA Security Rule Requires AI Governance

Frost Brown Todd on

In terms of healthcare data breaches, 2024 was the worst year ever, with the records of at least 53% of the U.S. population involved and two of the biggest healthcare data breaches of 2024 ranking in the top 10 of all time. ...more

Epstein Becker & Green

Proposed HIPAA Security Rule Updates May Significantly Impact Covered Entities and Business Associates

As we noted in our previous blog here, on January 6, 2025, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) published a Notice of Proposed Rulemaking (NPRM) proposing substantial revisions...more

Bradley Arant Boult Cummings LLP

The Why Behind the HHS Proposed Security Rule Updates

In this week’s installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we are exploring the justifications...more

Saul Ewing LLP

Seeing is Believing: A Civil Money Penalty With Warby Parker Following Cybersecurity Incident

Saul Ewing LLP on

On February 20, 2025, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a $1.5 million civil money penalty (CMP) against Warby Parker, Inc. (WP). WP is a manufacturer and online...more

Nilan Johnson Lewis PA

Nine Steps Healthcare Entities Should Take to Prevent Cyberattacks

Nilan Johnson Lewis PA on

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently imposed a $1.5 million civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of eyewear, for...more

Bradley Arant Boult Cummings LLP

HHS Security Rule NPRM Proposes Makeover for Administrative Safeguard Compliance for Regulated Entities

In this week’s installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we are exploring the proposed updates...more

Gardner Law

Changes Proposed to HIPAA Security Rules

Gardner Law on

On December 27, 2024, the U.S. Department of Health and Human Services (HHS) issued a Notice of Proposed Rulemaking (NPRM) to modify the HIPAA Security Rule and strengthen cybersecurity protections for electronic protected...more

ArentFox Schiff

Proposed Changes to the HIPAA Security Rule: What Regulated Entities Need to Know

ArentFox Schiff on

In the final days of the Biden Administration, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued a notice of proposed rulemaking (NPRM) to modify the Security Rule under the Health...more

Maynard Nexsen

Changes Proposed by HHS to Strengthen HIPAA Security Rule

Maynard Nexsen on

On January 6, 2025, the US Department of Health and Human Services Office for Civil Rights (“OCR”) issued a notice of proposed rulemaking (“Proposed Rule”) containing significant updates to the Security Rule under the Health...more

Epstein Becker & Green

Proposed Modernization of the HIPAA Security Rules

Epstein Becker & Green on

The HIPAA Security Rule was originally promulgated over 20 years ago. While it historically provided an important regulatory floor for securing electronic protected health information, the Security Rule’s lack of...more

Dentons

Ep. 47 – Make Your HIPAA Security Program Dynamic

Dentons on

“Almost every stage of modern healthcare relies on stable and secure computer and network technologies.” The above is a direct quote from the Office of Civil Rights for Health & Human Services (“OCR”) in its proposed...more

Paul Hastings LLP

HHS OCR Releases Proposed Updates to HIPAA Security Rule

Paul Hastings LLP on

On December 27, 2024, the U.S. Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), announced a Notice of Proposed Rulemaking (NPRM) to amend the Security Standards for the Protection of...more

Arnall Golden Gregory LLP

OCR Issues Proposed Rule to Strengthen Cybersecurity for ePHI

The Office for Civil Rights (“OCR”) under the U.S. Department of Health and Human Services (“HHS”) recently issued a Notice of Proposed Rulemaking (the “Proposed Rule”) to modify the Health Insurance Portability and...more

Bradley Arant Boult Cummings LLP

Introducing Bradley’s Series on HHS’s Proposed HIPAA Security Rule Updates

Bradley is launching a multipart blog series on the U.S. Department of Health and Human Services’ (HHS) proposed changes to strengthen cybersecurity protections for electronic protected health information (ePHI) regulated...more

Wyrick Robbins Yates & Ponton LLP

Analyze This: OCR Kicks Off 2025 with Two New HIPAA Enforcement Actions Against Business Associates as Part of New Risk Analysis...

Just two weeks into the year, 2025 is already shaping up to be a busy year for privacy lawyers, especially those tasked with helping covered entities and business associates comply with the HIPAA Security Rule.  As we...more

Ballard Spahr LLP

HHS Proposes Significant Updates to HIPAA Security Rule

Ballard Spahr LLP on

On January 6, 2025, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) published a Notice of Proposed Rulemaking (“NPRM”) to amend the Health Insurance Portability and Accountability Act...more

Cozen O'Connor

Proposed Changes to the HIPAA Security Rule Will Have a Significant Impact on the Health Care Sector

Cozen O'Connor on

A few days ago, the U.S. Department of Health and Human Services (“HHS”), through its Office for Civil Rights, issued the proposed rule HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Protected Health...more

Whiteford

Client Alert: HIPAA Happenings: U.S. Department of Health and Human Services Proposes Updated HIPAA Cybersecurity Rules

Whiteford on

On January 6, 2025, the U.S. Department of Health and Human Services (“DHHS”) Office of Civil Rights (“OCR”) published a proposed rule entitled, “HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Health...more

Davis Wright Tremaine LLP

HIPAA Security Rule Resolves To Hit the Gym and Bulk Up

For more than 20 years, the HIPAA Security Rule has been virtually unchanged other than extending its scope beyond covered entities to also include business associates. During that time, technology has changed, cybersecurity...more

Alston & Bird

New Year, New HIPAA Security Rule: OCR Adds to Health Care Entities’ New Year’s Resolutions

Alston & Bird on

The Biden Administration’s Office for Civil Rights delivered on its promise to propose an update to the HIPAA Security Rule. Our Health Care and Privacy, Cyber & Data Strategy groups summarize key points from the new rule and...more

Fisher Phillips

Proposed Updates to HIPAA Security Rule Would Require Entities to Adopt Enhanced Cybersecurity Measures

Fisher Phillips on

The HIPAA Security Rule may soon undergo a big overhaul that would better defend healthcare data from cybersecurity threats – and require much more from covered entities when it comes to establishing and maintaining defenses....more

Foley & Lardner LLP

HHS Proposes Changes to Strengthen HIPAA Security Rule

Foley & Lardner LLP on

Material updates to the HIPAA Security Rule could be on the way — affecting all HIPAA-regulated entities — for the first time in two decades. The Department of Health and Human Services (HHS) issued a Notice of Proposed...more

Clark Hill PLC

HHS OCR Proposes Updates to the HIPAA Security Rule to Respond to Emerging Threats

Clark Hill PLC on

On Dec. 27, the Department of Health and Human Services (HHS) issued proposed updates to the HIPAA Security Rule to address evolving cybersecurity threats in healthcare. Introduced through a Notice of Proposed Rulemaking...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

Federal Regulators Unveil Revised Final Guidance for Healthcare Cybersecurity and HIPAA Compliance

On February 14, 2024, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) published a new, final version of their guidance for...more

BakerHostetler

‘Unboxing’ the New NIST Guidance: NIST Publishes Significant Update to Healthcare Cybersecurity Guide

BakerHostetler on

​​​​​​​Without question, healthcare providers and the companies that support them operate in an elevated cybersecurity risk environment. And when a cybersecurity incident occurs, the ensuing regulatory inquiries and/or...more

27 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide