News & Analysis as of

Protected Health Information Data Security Department of Health and Human Services (HHS)

Robinson+Cole Data Privacy + Security Insider

Insight Into DOGE’s Access to HHS’ Systems

Becker’s Hospital Review reports that the Department of Government Efficiency (DOGE) “has access to sensitive information in 19 HHS databases and systems,” according to a court filing obtained by Wired. HHS provided the...more

Bradley Arant Boult Cummings LLP

AI Meets HIPAA Security: Understanding HHS’s Risk Strategies and Proposed Changes

In this final blog post in the Bradley series on the HIPAA Security Rule notice of proposed rulemaking (NPRM), we examine how the U.S. Department of Health and Human Services (HHS) Office for Civil Rights interprets the...more

Nilan Johnson Lewis PA

Nine Steps Healthcare Entities Should Take to Prevent Cyberattacks

Nilan Johnson Lewis PA on

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently imposed a $1.5 million civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of eyewear, for...more

Bradley Arant Boult Cummings LLP

HHS’s Proposed Security Rule Updates Could Require Group Health Plan Document Changes and New Plan Sponsor Security Practices

Proposed regulations may require employers to invest additional resources to safeguard group health plan participants’ protected health information. In this installment of our blog series on the U.S. Department of Health...more

McGuireWoods LLP

HHS Proposed Rule May Enhance HIPAA Security but Leaves AI Questions Open

McGuireWoods LLP on

In response to increased cybersecurity threats and significant regulatory enforcement actions, on Dec. 27, 2024, the Department of Health and Human Services (HHS) issued a Notice of Proposed Rulemaking seeking to enhance...more

Paul Hastings LLP

HHS OCR Releases Proposed Updates to HIPAA Security Rule

Paul Hastings LLP on

On December 27, 2024, the U.S. Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), announced a Notice of Proposed Rulemaking (NPRM) to amend the Security Standards for the Protection of...more

McCarter & English, LLP

Season of Enforcement: OCR Announces Its Sixth Enforcement Action of 2025

With 2025 barely three weeks old, the US Department of Health and Human Services Office for Civil Rights (OCR) has already announced six enforcement actions for the new year. Particularly significant is the advancement of...more

Cozen O'Connor

Proposed Changes to the HIPAA Security Rule Will Have a Significant Impact on the Health Care Sector

Cozen O'Connor on

A few days ago, the U.S. Department of Health and Human Services (“HHS”), through its Office for Civil Rights, issued the proposed rule HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Protected Health...more

Whiteford

Client Alert: HIPAA Happenings: U.S. Department of Health and Human Services Proposes Updated HIPAA Cybersecurity Rules

Whiteford on

On January 6, 2025, the U.S. Department of Health and Human Services (“DHHS”) Office of Civil Rights (“OCR”) published a proposed rule entitled, “HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Health...more

Akerman LLP - Health Law Rx

New Year, New HIPAA Security Rule Requirements? OCR Proposes Sweeping Changes for HIPAA Security Rule to Bolster Cybersecurity

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently proposed a sweeping rewrite of the HIPAA Security Rule that, if finalized, will require that many Covered Entities and their...more

Polsinelli

OCR Proposes Regulatory Facelift to the HIPAA Security Rule: Addressing the Current Cybersecurity Environment with More...

Polsinelli on

On January 6, 2025, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published a “Notice of Proposed Rulemaking,” HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Protected...more

Troutman Pepper Locke

HIPAA Security Rule Revamp Is on the Horizon

Troutman Pepper Locke on

On January 6, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published significant proposed amendments (proposed rule) to the Security Rule under the Health Insurance Portability and...more

Shook, Hardy & Bacon L.L.P.

OCR Delivers A Year-End Surprise: A Draft Update of HIPAA's Security Rule

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) delivered a late-December surprise: a draft overhaul of the Health Insurance Portability and Accountability Act of 1996’s (HIPAA) Security Rule....more

Quarles & Brady LLP

Fresh From the Oven: OCR-HHS Issues a Notice of Proposed Rulemaking for the HIPAA Security Rule

Quarles & Brady LLP on

‘Tis the season for holiday baking and the elves at the U.S. Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), have been diligently crafting their own holiday treat. On December 27,...more

Jackson Lewis P.C.

OCR Proposed Tighter Security Rules for HIPAA Regulated Entities, including Business Associates and Group Health Plans

Jackson Lewis P.C. on

As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It...more

Saul Ewing LLP

No “Trick”: Plastic Surgery Practice Agrees to Pay a $500,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on

On October 31, 2024, the U.S. Department of Health and Human Services (“HHS”), Office of Civil Rights (“OCR”) announced a $500,000 settlement with Plastic Surgery Associates of South Dakota (“PSA”) concerning potential...more

Sheppard Mullin Richter & Hampton LLP

Over 940,000 Medicare Beneficiaries Impacted by Data Breach

The Centers for Medicare & Medicaid Services (“CMS”) and its contractor, Wisconsin Physicians Service Insurance Corporation (“WPS”), recently notified over 940,000 Medicare beneficiaries of a data breach that has potentially...more

Quarles & Brady LLP

HHS Tracking Technology Guidance Vacated by Federal Court

Quarles & Brady LLP on

On Thursday, June 20, 2024, a U.S. District Court Judge ruled that the U.S. Department of Health and Human Services, Office for Civil Rights (“HHS”) overstepped its authority to act when issuing its December 2022 bulletin...more

Sheppard Mullin Richter & Hampton LLP

HIPAA Web Tracking Guidance Vacated

Last week, in a significant win for the American Hospital Association plaintiff, the U.S. District Court for the Northern District of Texas issued an opinion vacating the Department of Health and Human Services’ (“HHS”)...more

Holland & Knight LLP

What HIPAA Security Rule Surprises Await Healthcare Providers for the Second Half of 2024?

Holland & Knight LLP on

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has, as part of its mandate, the responsibility to enforce the Health Insurance Portability and Accountability Act (HIPAA) Security Rule....more

ArentFox Schiff

Key Takeaways from OCR’s CY22 HIPAA Reports to Congress

ArentFox Schiff on

On February 14, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued its annual reports to Congress detailing its actions to enforce the privacy, security, and breach notification...more

Epiq

Healthcare Organizations Can Meet New HHS Cybersecurity Goals with the Help of Tabletop Exercises

Epiq on

In today’s digital age, securing sensitive healthcare data is paramount. With the rise in cyber threats targeting healthcare organizations, the Department of Health and Human Services (HHS) has taken proactive steps to...more

Robinson+Cole Health Law Diagnosis

Forecasting the Integration of AI into Health Care Compliance Programs

Health care entities maintain compliance programs in order to comply with the myriad changing laws and regulations that apply to the health care industry. Although laws and regulations specific to the use of artificial...more

Tucker Arensberg, P.C.

HIPAA Fundamentals for Providers

Tucker Arensberg, P.C. on

In March of this year, The Office for Civil Rights of the Department of Health and Human Services issued a letter addressing the recent cybersecurity incident impacting many health care entities, primarily Change Healthcare,...more

Katten Muchin Rosenman LLP

OCR Updates Guidance on Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates

On March 18, the Office for Civil Rights (OCR) at the US Department of Health and Human Services (HHS) updated its guidance on the use of online tracking technologies by covered entities and business associates (regulated...more

106 Results
 / 
View per page
Page: of 5

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide