On May 14, 2025, the U.S. Department of Health and Human Services (HHS) issued its Request for Information (RFI) “Ensuring Lawful Regulation and Unleashing Innovation To Make American Healthy Again,” which HHS describes as...more
7/8/2025
/ Comment Period ,
Department of Health and Human Services (HHS) ,
Deregulation ,
Executive Orders ,
Healthcare ,
Public Comment ,
Regulatory Reform ,
Regulatory Requirements ,
Reporting Requirements ,
Request For Information ,
Risk Management ,
Stakeholder Engagement ,
Trump Administration
On October 2, the New York State Department of Health (NYSDOH) issued new cybersecurity regulations (Regulations) for all general hospitals in New York state (“hospitals”), creating a new Section 405.46 in Title 10 (Health)...more
12/11/2024
/ Amended Regulation ,
Compliance ,
Covered Entities ,
Cyber Incident Reporting ,
Cybersecurity ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Hospitals ,
Incident Response Plans ,
Information Management ,
PHI ,
Risk Assessment ,
Security and Privacy Controls ,
State Budgets ,
State Health Departments ,
Strategic Planning
On October 31, 2024, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) embraced the end of Spooky Season by announcing two more ransomware-related enforcement actions. ...more
11/19/2024
/ Covered Entities ,
Cyber Attacks ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Enforcement Actions ,
HIPAA Security Rule ,
OCR ,
Penalties ,
Ransomware ,
Right of Access ,
Risk Assessment ,
Risk Management