News & Analysis as of

HITECH Act Cybersecurity Office of Civil Rights

Vorys, Sater, Seymour and Pease LLP

Proposed Update to the HIPAA Security Rule

In early January, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published a Notice of Proposed Rulemaking. The Proposed Rule would modify the Security Standards for the Protection of...more

Paul Hastings LLP

HHS OCR Releases Proposed Updates to HIPAA Security Rule

Paul Hastings LLP on

On December 27, 2024, the U.S. Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), announced a Notice of Proposed Rulemaking (NPRM) to amend the Security Standards for the Protection of...more

Jackson Lewis P.C.

OCR Proposed Tighter Security Rules for HIPAA Regulated Entities, including Business Associates and Group Health Plans

Jackson Lewis P.C. on

As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It...more

Foley Hoag LLP - Security, Privacy and the...

HHS Office for Civil Rights Proposes Measures to Strengthen Cybersecurity in Health Care Under HIPAA

The Department of Health and Human Services (HHS) has proposed significant modifications to the HIPAA Security Rule and the HITECH Act in an attempt to strengthen cybersecurity protections for electronic protected health...more

Epstein Becker & Green

2024 Update: Regulators Use “Carrots and Sticks” to Incentivize Healthcare Sector Cybersecurity Compliance

Epstein Becker & Green on

Healthcare organizations continue to be prime targets of cyberattacks. It is well-established that cyberattacks can lead to financial loss, reputational damage, and, in some cases, risks to patient care and safety. The recent...more

Baker Donelson

HIPAA Updates: The Obligations Continue to Unfold

Baker Donelson on

There has been a notable emphasis on proactive enforcement of the privacy and security of protected health information in recent weeks as evidenced by multiple developments regarding compliance with the Health Insurance...more

Davis Wright Tremaine LLP

HHS Reveals Strategy for Addressing Healthcare Sector Cybersecurity

The U.S. Department of Health and Human Services ("HHS") issued a concept paper describing its overarching strategy to address healthcare cybersecurity. The concept paper builds on the Biden-Harris Administration's National...more

Woods Rogers

HIPAA Security Rule: What are “Recognized Security Practices” and why are they important?

Woods Rogers on

A strong cybersecurity program can help defend against cyber attacks and protect sensitive patient data. Thanks to a 2021 amendment of the HITECH Act, when a breach occurs, it can also reduce enforcement penalties. The...more

Health Care Compliance Association (HCCA)

OCR: Current Fines Too Low to Spur Compliance; Agency Also Seeks Funding Boost, Injunctive Relief

Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more

Proskauer on Privacy

Department of Health and Human Services Issues Request for Information on Cybersecurity Standards

Proskauer on Privacy on

The Department of Health and Human Services (“HHS”) has issued a formal request for information from the public about how regulated entities are implementing industry recognized security practices. The request for information...more

Arnall Golden Gregory LLP

Recent OCR HIPAA Enforcement Actions and Request for Information on HITECH Implementation

Enforcement Actions - In its first announcement of enforcement actions in 2022, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) simultaneously announced the resolution of three...more

Wyrick Robbins Yates & Ponton LLP

Any Port in a Storm? OCR Seeks Comments on HIPAA “Safe Harbor” for Recognized Security Practices

Earlier this month, HHS’s Office for Civil Rights (OCR) issued a Request for Information (RFI) seeking comments on a statutory provision adopted last year that provides a quasi-safe harbor for entities that have voluntarily...more

Hogan Lovells

HHS seeks comment by June 6 on recognized security practices as mitigating factor in HIPAA enforcement

Hogan Lovells on

The US Department of Health Human Services (HHS) is seeking public comments about the appropriate role of “recognized security practices” in enforcement of the HIPAA Security Rule. Congress, through an amendment to the HITECH...more

Mintz - Health Care Viewpoints

OCR RFI: Have You Implemented Your Recognized Security Practices?

The Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) released a Request for Information (RFI) to obtain industry feedback and inform potential future rulemaking regarding information...more

McGuireWoods LLP

As HIPAA, HITECH Undergo Modernization, NIST Seeks Comment on Security Standard Guidance

McGuireWoods LLP on

On January 21, 2021, the Department of Health and Human Services (HHS) published proposed modifications to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for...more

Mintz - Privacy & Cybersecurity Viewpoints

Health Care Data Breaches Are Increasing Both in Number and Cost

It feels like we’ve been seeing a lot more health care breaches caused by hackers and other IT security incidents, and there’s a good reason why: a recent report by cloud security company Bitglass confirms that both the...more

Sheppard Mullin Richter & Hampton LLP

Cybersecurity, Inside Jobs, Outside Jobs, and HIPAA

According to a February 12, 2019 Press Release from Protenus, a developer of analytics for patient privacy monitoring and compliance, 15,085,302 patient records were breached in 2018 – a startling number made even more...more

White and Williams LLP

OCR Seeks Feedback for Modifying HIPAA Rules to Promote Efficiency and Reduce Burdens Placed Upon Covered Entities

White and Williams LLP on

Last week, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), issued a Request for Information (RFI) seeking public input on modification of the Privacy and Security Rules under the Health...more

Mintz - Health Care Viewpoints

Bah, Humbug! HIPAA Compliance Isn’t Getting Any Easier

As we look back on 2017, one message is clear: don’t be a Scrooge when it comes to HIPAA compliance. With ever-evolving security threats and unrelenting enforcement, regulated entities must maintain a spirit of compliance...more

Stinson LLP

HHS Publishes New Guidance on HIPAA and Cloud Computing

Stinson LLP on

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued a new guidance regarding HIPAA compliance and the use of cloud computing solutions. The guidance is intended to assist covered entities...more

Winstead PC

How Recent Cybersecurity Government Publications Impact HIPAA Security Compliance and the New Audit Initiative

Winstead PC on

Cybersecurity Impacts on HIPAA Security Compliance and the New Audit Initiative - New Audit Initiative Items to Watch - While The HHS Office for Civil Rights recently announced its intent to perform a second...more

Cooley LLP

Alert: OCR Begins Phase 2 of HIPAA Audit Program

Cooley LLP on

On March 21, 2016 the US Department of Health and Human Services Office for Civil Rights (OCR) announced the start of phase 2 (Phase 2) of the Health Insurance Portability and Accountability Act (HIPAA) Audit Program. OCR...more

Bond Schoeneck & King PLLC

Cybersecurity and Data Privacy and Health Care: Federal Office for Civil Rights Returns to Proactive HIPAA Enforcement with 2016...

The HHS Office for Civil Rights (OCR) announced this week that it has launched the long-anticipated latest round of audits for compliance with the privacy, security, and breach notification provisions of the Health Insurance...more

King & Spalding

OIG Reports Insufficient Oversight Of HIPAA Compliance

King & Spalding on

The HHS Office for Civil Rights (OCR) must improve its oversight and enforcement of patient information privacy and security rules by “covered entities” and their business associates under the Health Information Portability...more

Robinson+Cole Data Privacy + Security Insider

OIG report spurs OCR to announce phase 2 audits

On September 29, it was revealed that the HHS Office for Civil Rights (OCR) will commence Phase 2 of its HIPAA audit program in “early 2016.” OCR’s revelation regarding the Phase 2 audits, which had been the subject of...more

29 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide