News & Analysis as of

Office of Civil Rights Electronic Protected Health Information (ePHI) Data Security

Foley Hoag LLP - Security, Privacy and the...

HHS OCR Settles HIPAA Security Rule Investigation with Health Fitness Corporation

Foley Hoag LLP - Security, Privacy and the... on

On March 21, 2025, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement of HIPAA security rule claims involving Health Fitness Corporation (Health Fitness). Health Fitness...more

Perkins Coie

HHS Proposal To Strengthen HIPAA Security Rule

Perkins Coie on

Earlier this year, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) adopted a new proposal to strengthen the Health Insurance Portability and Accountability Act (HIPAA) security standards...more

Robinson+Cole Data Privacy + Security Insider

Warby Parker Settles Data Breach Case with OCR for $1.5M

Robinson+Cole Data Privacy + Security Insider on

Eyeglass manufacturer and retailer Warby Parker recently settled a 2018 data breach investigation by the Office for Civil Rights (OCR) for $1.5 million. According to OCR’s press release, Warby Parker self-reported that...more

Shook, Hardy & Bacon L.L.P.

OCR Enforcement Activity: Trends and Insights From a Limited Sample

Shook, Hardy & Bacon L.L.P. on

Arecent report put the odds of an asteroid hitting the earth in December 2032 at 3.1%—which is 3,100 times more likely than an organization resolving an enforcement action with the U.S. Department of Health and Human...more

Saul Ewing LLP

Seeing is Believing: A Civil Money Penalty With Warby Parker Following Cybersecurity Incident

Saul Ewing LLP on

On February 20, 2025, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a $1.5 million civil money penalty (CMP) against Warby Parker, Inc. (WP). WP is a manufacturer and online...more

Nilan Johnson Lewis PA

Nine Steps Healthcare Entities Should Take to Prevent Cyberattacks

Nilan Johnson Lewis PA on

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently imposed a $1.5 million civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of eyewear, for...more

ArentFox Schiff

Proposed Changes to the HIPAA Security Rule: What Regulated Entities Need to Know

ArentFox Schiff on

In the final days of the Biden Administration, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued a notice of proposed rulemaking (NPRM) to modify the Security Rule under the Health...more

Dentons

Ep. 47 – Make Your HIPAA Security Program Dynamic

Dentons on

“Almost every stage of modern healthcare relies on stable and secure computer and network technologies.” The above is a direct quote from the Office of Civil Rights for Health & Human Services (“OCR”) in its proposed...more

Vorys, Sater, Seymour and Pease LLP

Proposed Update to the HIPAA Security Rule

Vorys, Sater, Seymour and Pease LLP on

In early January, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published a Notice of Proposed Rulemaking. The Proposed Rule would modify the Security Standards for the Protection of...more

Paul Hastings LLP

HHS OCR Releases Proposed Updates to HIPAA Security Rule

Paul Hastings LLP on

On December 27, 2024, the U.S. Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), announced a Notice of Proposed Rulemaking (NPRM) to amend the Security Standards for the Protection of...more

McCarter & English, LLP

Season of Enforcement: OCR Announces Its Sixth Enforcement Action of 2025

McCarter & English, LLP on

With 2025 barely three weeks old, the US Department of Health and Human Services Office for Civil Rights (OCR) has already announced six enforcement actions for the new year. Particularly significant is the advancement of...more

Bradley Arant Boult Cummings LLP

Introducing Bradley’s Series on HHS’s Proposed HIPAA Security Rule Updates

Bradley Arant Boult Cummings LLP on

Bradley is launching a multipart blog series on the U.S. Department of Health and Human Services’ (HHS) proposed changes to strengthen cybersecurity protections for electronic protected health information (ePHI) regulated...more

Husch Blackwell LLP

OCR Announces Proposed Updates to HIPAA Security Rule, Raises the Bar for Healthcare Cybersecurity

Husch Blackwell LLP on

On December 27, 2024, the U.S. Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), issued proposed changes to the Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more

Ballard Spahr LLP

HHS Proposes Significant Updates to HIPAA Security Rule

Ballard Spahr LLP on

On January 6, 2025, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) published a Notice of Proposed Rulemaking (“NPRM”) to amend the Health Insurance Portability and Accountability Act...more

Baker Donelson

Proposed HIPAA Security Rule Updates

Baker Donelson on

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) issued a Notice of Proposed Rulemaking (NPRM) on December 27, 2024, to update the Health Insurance Portability and Accountability Act...more

Whiteford

Client Alert: HIPAA Happenings: U.S. Department of Health and Human Services Proposes Updated HIPAA Cybersecurity Rules

Whiteford on

On January 6, 2025, the U.S. Department of Health and Human Services (“DHHS”) Office of Civil Rights (“OCR”) published a proposed rule entitled, “HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Health...more

Alston & Bird

New Year, New HIPAA Security Rule: OCR Adds to Health Care Entities’ New Year’s Resolutions

Alston & Bird on

The Biden Administration’s Office for Civil Rights delivered on its promise to propose an update to the HIPAA Security Rule. Our Health Care and Privacy, Cyber & Data Strategy groups summarize key points from the new rule and...more

Polsinelli

OCR Proposes Regulatory Facelift to the HIPAA Security Rule: Addressing the Current Cybersecurity Environment with More...

Polsinelli on

On January 6, 2025, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published a “Notice of Proposed Rulemaking,” HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Protected...more

Troutman Pepper Locke

HIPAA Security Rule Revamp Is on the Horizon

Troutman Pepper Locke on

On January 6, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published significant proposed amendments (proposed rule) to the Security Rule under the Health Insurance Portability and...more

Shook, Hardy & Bacon L.L.P.

OCR Delivers A Year-End Surprise: A Draft Update of HIPAA's Security Rule

Shook, Hardy & Bacon L.L.P. on

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) delivered a late-December surprise: a draft overhaul of the Health Insurance Portability and Accountability Act of 1996’s (HIPAA) Security Rule....more

Quarles & Brady LLP

Fresh From the Oven: OCR-HHS Issues a Notice of Proposed Rulemaking for the HIPAA Security Rule

Quarles & Brady LLP on

‘Tis the season for holiday baking and the elves at the U.S. Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), have been diligently crafting their own holiday treat. On December 27,...more

Jackson Lewis P.C.

OCR Proposed Tighter Security Rules for HIPAA Regulated Entities, including Business Associates and Group Health Plans

Jackson Lewis P.C. on

As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It...more

Saul Ewing LLP

No “Trick”: Plastic Surgery Practice Agrees to Pay a $500,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on

On October 31, 2024, the U.S. Department of Health and Human Services (“HHS”), Office of Civil Rights (“OCR”) announced a $500,000 settlement with Plastic Surgery Associates of South Dakota (“PSA”) concerning potential...more

BakerHostetler

Let’s Get Physical - OCR Issues Reminder that HIPAA Security Isn’t Just Technical

BakerHostetler on

While most entities that are subject to the HIPAA Security Rule spend considerable time and effort ensuring that they have implemented appropriate administrate and technical safeguards to protect the health information that...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - July 15th - 18th, Charlotte, NC

Health Care Compliance Association (HCCA) on

Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more

76 Results
 / 
View per page
Page: of 4
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide