Material updates to the HIPAA Security Rule could be on the way — affecting all HIPAA-regulated entities — for the first time in two decades. The Department of Health and Human Services (HHS) issued a Notice of Proposed...more
1/7/2025
/ Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Security Rule ,
Multi-Factor Authentication ,
NIST ,
Notice of Proposed Rulemaking (NOPR) ,
Policies and Procedures ,
Proposed Rules ,
Ransomware ,
Risk Management
In an important development for HIPAA-regulated entities looking for practical assistance in understanding, implementing, and enhancing compliance with the HIPAA Security Rule, the National Institute of Standards and...more
Substance Use Disorder (SUD) programs and HIPAA-regulated entities seeking to streamline their privacy and security practices and workflows received welcome news from the U.S. Department of Health & Human Services (HHS) last...more
2/13/2024
/ Applicability Date ,
Breach Notification Rule ,
CARES Act ,
Consent ,
Department of Health and Human Services (HHS) ,
Disclosure Requirements ,
Electronic Protected Health Information (ePHI) ,
Final Rules ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Notice of Proposed Rulemaking (NOPR) ,
Patient Rights ,
Penalties ,
PHI ,
Substance Abuse
The National Institute of Standards and Technology (NIST) has released an initial draft of Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide (Resource...more
The Federal Trade Commission (FTC) just released a Policy Statement emphasizing how telemedicine and digital health apps can be held accountable under the Health Breach Notification Rule, even if the company is not subject to...more
On January 14, 2021, the U.S. Court of Appeals for the Fifth Circuit vacated the civil monetary penalty (CMP) imposed by the Department of Health and Human Services (HHS) against the University of Texas M.D. Anderson Cancer...more
The Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services recently published its findings from audits conducted in 2016 and 2017 of covered entities’ and business associates’ compliance with...more
1/15/2021
/ Audits ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach Notification Rule ,
HIPAA Privacy Rule ,
Notice of Privacy Practices ,
Notice of Proposed Rulemaking (NOPR) ,
OCR ,
Right of Access ,
Risk Management ,
Security Risk Assessments
The coronavirus (provisionally named SARS-CoV-2, with its disease being named COVID-19) has now been documented in more than 100 countries and territories. Over 120,000 cases have now been documented across the globe,...more
The U.S. Department of Health and Human Services (HHS) recently proposed two new rules designed to increase patient and provider access to health records. As stated by HHS in its press release, the proposed rules “will...more
2/21/2019
/ Centers for Medicare & Medicaid Services (CMS) ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Exchanges ,
Health Insurance Portability and Accountability Act (HIPAA) ,
MIPS ,
ONC ,
Patient Privacy Rights ,
Proposed Rules ,
Public Comment