News & Analysis as of

Protected Health Information Cybersecurity

Smith Anderson

Healthcare Cyberattacks Are on the Rise: Steps to Safeguard Your Organization

Smith Anderson on

Cyberattacks remain one of the most serious threats facing the healthcare industry. Healthcare providers and their vendors handle sensitive and valuable health data, making them prime targets for cybercriminals....more

Burr & Forman

Time for Spring Cleaning – Is Your HIPAA House Ready?

Burr & Forman on

When it comes to compliance with the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (“HIPAA”), is your house in order? Has someone recently looked underneath the counter and...more

Gardner Law

Recent Enforcement Reminds Companies: Assess HIPAA Compliance

Gardner Law on

A HIPAA compliance assessment is an evaluation of an organization's practices, policies, and procedures to ensure that they align with requirements from the Health Insurance Portability and Accountability Act (“HIPAA”). It...more

Health Care Compliance Association (HCCA)

$1.5M Warby Parker Fine a Holdover; OCR Focuses On Men in Sports, Antisemitism, ‘Biological Truth’

Nearly six years to the day that Warby Parker reported a breach affecting nearly 200,000 individuals, the HHS Office for Civil Rights (OCR) imposed a $1.5 million fine on the eyewear giant. Investigated by OCR under the Biden...more

Bradley Arant Boult Cummings LLP

AI Meets HIPAA Security: Understanding HHS’s Risk Strategies and Proposed Changes

In this final blog post in the Bradley series on the HIPAA Security Rule notice of proposed rulemaking (NPRM), we examine how the U.S. Department of Health and Human Services (HHS) Office for Civil Rights interprets the...more

Nilan Johnson Lewis PA

Nine Steps Healthcare Entities Should Take to Prevent Cyberattacks

Nilan Johnson Lewis PA on

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently imposed a $1.5 million civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of eyewear, for...more

Polsinelli

CISA and FDA Sound Alarm on Backdoor Cybersecurity Threat with Patient Monitoring Devices

Polsinelli on

Last week, the U.S. Cybersecurity and Infrastructure Security Agency (“CISA”) and the U.S. Food and Drug Administration (“FDA”) released warnings about an embedded function they found in the firmware of the Contec CMS8000,...more

Health Care Compliance Association (HCCA)

We’ll Take the Fine: OCR’s ‘Unwarranted,’ Costly Demands Prompted Hospital’s $538K Payment

The saga that led Children’s Hospital Colorado to accept a fine of more than $500,000 imposed by the HHS Office for Civil Rights (OCR) began on July 11, 2017, when a physician’s email account containing details on 3,300...more

Holland & Knight LLP

Government Contracts Enforcement: DOJ Publishes FY 2024 False Claims Act Statistics

Holland & Knight LLP on

The U.S. Department of Justice (DOJ or the Department) has published statistics on False Claims Act (FCA) settlements and judgments for fiscal year (FY) 2024, a year in which the Department saw the highest number of qui tam...more

Epstein Becker & Green

Proposed Modernization of the HIPAA Security Rules

Epstein Becker & Green on

The HIPAA Security Rule was originally promulgated over 20 years ago. While it historically provided an important regulatory floor for securing electronic protected health information, the Security Rule’s lack of...more

Bradley Arant Boult Cummings LLP

HHS’s Proposed Security Rule Updates Could Require Group Health Plan Document Changes and New Plan Sponsor Security Practices

Proposed regulations may require employers to invest additional resources to safeguard group health plan participants’ protected health information. In this installment of our blog series on the U.S. Department of Health...more

McGuireWoods LLP

HHS Proposed Rule May Enhance HIPAA Security but Leaves AI Questions Open

McGuireWoods LLP on

In response to increased cybersecurity threats and significant regulatory enforcement actions, on Dec. 27, 2024, the Department of Health and Human Services (HHS) issued a Notice of Proposed Rulemaking seeking to enhance...more

Paul Hastings LLP

HHS OCR Releases Proposed Updates to HIPAA Security Rule

Paul Hastings LLP on

On December 27, 2024, the U.S. Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), announced a Notice of Proposed Rulemaking (NPRM) to amend the Security Standards for the Protection of...more

Parker Poe Adams & Bernstein LLP

The Major Developments in 2024 in Cybersecurity and Data Privacy

Companies continue to face a patchwork of state data privacy laws, federal agencies targeted companies' collection of sensitive consumer information, and a handful of states passed artificial intelligence-related regulation...more

Mintz - Health Care Viewpoints

EnforceMintz — Healing Healthcare? DOJ’s Cybersecurity Enforcement Trained Up for 2025

In 2024, the Department of Justice (DOJ) pursued significant enforcement activity under its Civil Cyber-Fraud Initiative (CCFI). As our readers know, the Deputy Attorney General announced the creation of the CCFI in October...more

Stoel Rives - Global Privacy & Security Blog®

A Deeper Dive into the Proposed Modifications to the HIPAA Security Rule

“Through December 20, 2024, 575 security incidents involving unsecured protected health information affecting 500 or more individuals had been reported to Health and Human Services. Through the same date in 2023, 265...more

Wyrick Robbins Yates & Ponton LLP

Analyze This: OCR Kicks Off 2025 with Two New HIPAA Enforcement Actions Against Business Associates as Part of New Risk Analysis...

Just two weeks into the year, 2025 is already shaping up to be a busy year for privacy lawyers, especially those tasked with helping covered entities and business associates comply with the HIPAA Security Rule.  As we...more

Cozen O'Connor

Proposed Changes to the HIPAA Security Rule Will Have a Significant Impact on the Health Care Sector

Cozen O'Connor on

A few days ago, the U.S. Department of Health and Human Services (“HHS”), through its Office for Civil Rights, issued the proposed rule HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Protected Health...more

Whiteford

Client Alert: HIPAA Happenings: U.S. Department of Health and Human Services Proposes Updated HIPAA Cybersecurity Rules

Whiteford on

On January 6, 2025, the U.S. Department of Health and Human Services (“DHHS”) Office of Civil Rights (“OCR”) published a proposed rule entitled, “HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Health...more

McDermott Will & Emery

HHS OCR Proposes Significant Modifications to HIPAA Security Rule

§ 160.101 Statutory basis and purpose. The requirements of this subchapter implement sections 1171–1180 of the Social Security Act (the Act), sections 262 and 264 of Public Law 104–191, section 105 of Public Law 110–233,...more

Akerman LLP - Health Law Rx

New Year, New HIPAA Security Rule Requirements? OCR Proposes Sweeping Changes for HIPAA Security Rule to Bolster Cybersecurity

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently proposed a sweeping rewrite of the HIPAA Security Rule that, if finalized, will require that many Covered Entities and their...more

Polsinelli

OCR Proposes Regulatory Facelift to the HIPAA Security Rule: Addressing the Current Cybersecurity Environment with More...

Polsinelli on

On January 6, 2025, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published a “Notice of Proposed Rulemaking,” HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Protected...more

Blank Rome LLP

HHS OCR Issues Notice of Proposed Rulemaking to Strengthen Cybersecurity for ePHI

Blank Rome LLP on

On December 27, 2024, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) issued a Notice of Proposed Rulemaking (“NPRM”) to amend the Health Insurance Portability and Accountability Act...more

Clark Hill PLC

HHS OCR Proposes Updates to the HIPAA Security Rule to Respond to Emerging Threats

Clark Hill PLC on

On Dec. 27, the Department of Health and Human Services (HHS) issued proposed updates to the HIPAA Security Rule to address evolving cybersecurity threats in healthcare. Introduced through a Notice of Proposed Rulemaking...more

Robinson+Cole Data Privacy + Security Insider

American Addiction Centers Hit with PHI Breach Class Action

American Addiction Centers Inc. faces a class action in the Middle District of Tennessee for allegations that it violated the Health Insurance Portability and Accountability Act (HIPAA) by failing to protect patient data from...more

593 Results
 / 
View per page
Page: of 24

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide