Kimberly Gordy

Kimberly Gordy

BakerHostetler

Contact
View Bio
RSS

Latest Posts › Covered Entities

Share:

A New Budgetary Line Item for 2025 - New York-based Hospitals Should Plan Now for the Fiscal and Operational Costs Associated with...

On October 2, the New York State Department of Health (NYSDOH) issued new cybersecurity regulations (Regulations) for all general hospitals in New York state (“hospitals”), creating a new Section 405.46 in Title 10 (Health)...more

12/11/2024  /  Amended Regulation , Compliance , Covered Entities , Cyber Incident Reporting , Cybersecurity , Health Insurance Portability and Accountability Act (HIPAA) , Hospitals , Incident Response Plans , Information Management , PHI , Risk Assessment , Security and Privacy Controls , State Budgets , State Health Departments , Strategic Planning

It’s Officially Enforcement Season: OCR Announces First Penalty Under New Risk Analysis Initiative

On October 31, 2024, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) embraced the end of Spooky Season by announcing two more ransomware-related enforcement actions. ...more

11/19/2024  /  Covered Entities , Cyber Attacks , Department of Health and Human Services (HHS) , Electronic Protected Health Information (ePHI) , Enforcement Actions , HIPAA Security Rule , OCR , Penalties , Ransomware , Right of Access , Risk Assessment , Risk Management

The Long-Awaited Part 2 Modifications Are Finalized with New Obligations for Part 2 Providers and Less Friction for Sharing...

On February 8, 2024, the U.S. Department of Health & Human Services (HHS) released a final rule modifying 42 CFR Part 2 (Part 2) provisions regarding the confidentiality of Substance Use Disorder (SUD) Patient Records. The...more

3/1/2024  /  Administrative Procedure , Business Associates , CARES Act , Compliance , Consent , Covered Entities , Data-Sharing , Department of Health and Human Services (HHS) , Final Rules , Health Care Providers , HIPAA Breach Notification Rule , HITECH Act , Information Sharing , Opioid , Patient Privacy Rights , PHI , Prior Authorization , Public Health , SAMHSA , Substance Abuse , Tribal Governments

OCR releases YouTube Addressing “Recognized Security Practices” in HIPAA Enforcement Context

As a Halloween treat for HIPAA-covered entities and business associates, on October 31, the Department of Health and Human Services Office for Civil Rights (OCR) released a new video on its YouTube channel, in which senior...more

11/14/2022  /  Business Associates , Covered Entities , Data Protection , Data Security , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , NIST , OCR , PHI

Sounding the Alarm: New Federal Law Will Mandate the Reporting of Cybersecurity Incidents Involving Critical Infrastructure - What...

In response to increased and persistent cybersecurity threats to American infrastructure, Congress passed the Strengthening American Cybersecurity Act (SACA), which President Joe Biden signed into law on March 15. SACA is...more

3/18/2022  /  Biden Administration , Covered Entities , Critical Infrastructure Sectors , Cyber Attacks , Cyber Incident Reporting , Cybersecurity , Cybersecurity Information Sharing Act (CISA) , New Legislation , Ransomware
5 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide