News & Analysis as of September 10, 2025

Business Associates › Cyber Attacks › Data Protection

+ Follow

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc. less -

3 Takeaways From Recent Cyberattacks On Healthcare Cos.

Troutman Pepper Locke on 9/4/2025

Significant data breaches have affected major players in the healthcare industry in the last year, with the methods of attack being as diverse as the affected entities themselves. Originally published in Law360 - June 4,...more

Proposed Updates to HIPAA Security Rule Would Require Entities to Adopt Enhanced Cybersecurity Measures

Fisher Phillips on 1/7/2025

The HIPAA Security Rule may soon undergo a big overhaul that would better defend healthcare data from cybersecurity threats – and require much more from covered entities when it comes to establishing and maintaining defenses....more

OIG Recommends Changes to HIPAA Audit Program to Strengthen Data Protections, Implications for Regulated Entities

Brooks Pierce on 12/5/2024

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is required by law to perform periodic audits of covered entities and business associates to ensure their compliance with HIPAA Security Rule...more

Insider Threats to Healthcare Data: What You Need to Know and 5 Steps You Can Take Now

Fisher Phillips on 5/22/2024

Healthcare data breaches are occurring more frequently and on larger scales than ever before – and while you defend against cyberattacks and other external threats, make sure you do not overlook the critical role your...more

‘I Will Not Rest’; ‘I Am All In’: Remarkable Breach Hearing Sees Pledges by UHG CEO, Sen. Wyden

Health Care Compliance Association (HCCA) on 5/13/2024

United Healthcare Group (UHG) CEO Andrew Witty was in a board meeting on Feb. 21 when officials interrupted with the news that Change Healthcare—a clearinghouse UHG subsidiary Optum had purchased for $1.3 billion in October...more

2022 Outlook: More Dangerous Ransomware Coupled With Inadequate Security Practices

Health Care Compliance Association (HCCA) on 1/17/2022

Report on Patient Privacy 22, no. 1 (January, 2022) - As the COVID-19 pandemic enters its third year, real “security fatigue” with pandemic-related issues will combine with cybercriminals’ increasingly sophisticated...more

Compliance Refresher: Get Cozy With IT Folks, Review Insurance, Fine-Tune Policies, Training

Health Care Compliance Association (HCCA) on 11/15/2021

Report on Patient Privacy 21, no. 11 (November, 2021) - Attorney Brad Hammer doesn’t always don a suit and tie, or what he calls his “lawyer’s uniform.” A privacy and security expert and founder of the Vakaris Group based...more

FBI: More Awareness, Due Diligence Needed To Fight China in New ‘Space Race’ for Data

Health Care Compliance Association (HCCA) on 10/15/2021

Report on Patient Privacy 21, no. 10 (October, 2021) - Conducting a risk analysis is a basic tenet of security compliance, with the overarching goal of understanding where protected health information (PHI) “lives” in an...more

Cyber Criminals Focusing on Clinics + Business Associates

Robinson+Cole Data Privacy + Security Insider on 10/7/2021

As hospital systems become more hardened to cyber-attacks, cyber criminals are focusing their efforts on smaller providers, such as outpatient clinics, specialty clinics and business associates, according to a report by...more

Nick Culbertson on Compliance Breaches in Healthcare

Health Care Compliance Association (HCCA) on 7/15/2021

Preventing data breaches is a critical task for all businesses these days, but it’s especially so in healthcare. No one wants to see health information disclosed, and the risks of a ransomware attack are enormous, literally...more

Security Threats Soar From Nation-State Bad Actors as the New Year Gets Underway

Health Care Compliance Association (HCCA) on 1/13/2021

Report on Patient Privacy 18, no. 1 (January 2021) - Security threats to health care entities will continue to escalate in 2021, as bad actors with significant capabilities target pandemic-weary organizations still...more

My Entity Just Experienced a Cyber-Attack! What Do We Do Now?

Balch & Bingham LLP on 6/19/2017

On June 9, 2017, the U.S. Department of Health and Human Services (HHS), Office of Civil Rights (OCR) released a cyber-attack “Quick Response” checklist (the Checklist) for the benefit of HIPAA covered entities and business...more

OCR Publishes Checklist and Infographic for Cyber Attack Response

Mintz - Health Care Viewpoints on 6/14/2017

OCR released a simple checklist and infographic last week to assist Covered Entities and Business Associates with responding to potential cyber attacks. As cybersecurity remains a pressing concern for health care entities,...more

Data-Harvesting Zombie Hackers, Blood-Thirsty Auditors, and Other Reasons to be Scared on Halloween

Mintz - Health Care Viewpoints on 10/30/2015

This Halloween, the scariest monsters might not be in your closet or under your bed. They may be overseas, orchestrating intrusions into your electronic medical record. Or they may be lurking in your own workforce, carrying...more

New Study Finds That Criminal Attacks Are The Number One Cause Of Health Sector Data Breaches

King & Spalding on 5/18/2015

On May 7, 2015, the Ponemon Institute released its Fifth Annual Benchmark Study on Privacy & Security of Healthcare Data (the “Study”), which surveyed 90 HIPAA covered entities and 88 business associates regarding their...more

15 Results

/

View per page

Page: of 1