News & Analysis as of

Compliance Health Insurance Portability and Accountability Act (HIPAA) Risk Management

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +
Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations.  In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -
Ropes & Gray LLP

Navigating TRAIGA: Texas’s New AI Compliance Framework

Ropes & Gray LLP on

On June 22, 2025, Texas enacted the Texas Responsible Artificial Intelligence Governance Act (“TRAIGA”), putting it at the forefront of state-level AI regulation in the United States. TRAIGA becomes effective January 1, 2026....more

Foley & Lardner LLP

HIPAA Compliance Risks with AI Scribes in Health Care: What Digital Health Leaders Need to Know

Foley & Lardner LLP on

AI scribes are quickly becoming the digital sidekick of modern health care. They promise to reduce clinician burnout, streamline documentation, and improve the patient experience. But as health care providers and digital...more

Holland & Knight LLP

Podcast: Addressing Patient Complaints About Privacy Violations

Holland & Knight LLP on

In the third and final episode of Florida Capital Conversations' healthcare privacy series, Tallahassee attorneys Shannon Hartsfield and Eddie Williams join hosts Nathan Adams and Mia McKown to discuss the challenges of...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Basic Compliance Academy - July 21st - 24th, Nashville, TN

Grounded in the OIG’s General Compliance Program Guidance and DOJ’s Evaluation of Corporate Compliance Programs, our immersive, three-and-a-half-day, classroom-style Healthcare Basic Compliance Academy equips compliance...more

Foley & Lardner LLP

HIPAA Compliance for AI in Digital Health: What Privacy Officers Need to Know

Foley & Lardner LLP on

Artificial intelligence (AI) is rapidly reshaping the digital health sector, driving advances in patient engagement, diagnostics, and operational efficiency. However, for Privacy Officers, AI’s integration into digital health...more

Health Care Compliance Association (HCCA)

Top Healthcare Compliance Priorities for 2025

Recently Protiviti released an intriguing report: Top Compliance Priorities for U.S. Healthcare Organizations in 2025. In this podcast their Global Healthcare Compliance Leader, Leyla Erkan, CHC, CHP, CHRC, shares some of the...more

Ankura

HIPAA Security Risk Analysis – How should regulated entities prepare for the Office for Civil Rights (OCR) Risk Analysis Audit...

Ankura on

Following the Office for Civil Rights (OCR) recent publication of four settlements as part of a new Risk Analysis Audit Initiative. We explore the current regulatory language for Risk Analysis, the proposed language for Risk...more

Purpose Legal

Top AI-Related Concerns in eDiscovery—And How to Address Them

Purpose Legal on

As a Vice President of Regional Sales at Purpose Legal, I spend a lot of time speaking with legal teams about their biggest concerns when it comes to AI in eDiscovery. Whether I’m meeting with corporate legal departments, law...more

Foley Hoag LLP - Security, Privacy and the...

HHS OCR Settles HIPAA Security Rule Investigation with Health Fitness Corporation

On March 21, 2025, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement of HIPAA security rule claims involving Health Fitness Corporation (Health Fitness). Health Fitness...more

Jackson Lewis P.C.

Health Fitness, OCR’s Risk Analysis Initiative, and the ERISA Fiduciary Duty to Select Plan Service Providers

Jackson Lewis P.C. on

On Friday, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced the fifth enforcement action under its Risk Analysis Initiative. In this case, OCR reached a settlement with Health...more

Burr & Forman

Time for Spring Cleaning – Is Your HIPAA House Ready?

Burr & Forman on

When it comes to compliance with the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (“HIPAA”), is your house in order? Has someone recently looked underneath the counter and...more

Gardner Law

Recent Enforcement Reminds Companies: Assess HIPAA Compliance

Gardner Law on

A HIPAA compliance assessment is an evaluation of an organization's practices, policies, and procedures to ensure that they align with requirements from the Health Insurance Portability and Accountability Act (“HIPAA”). It...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Basic Compliance Academy - March 24th - 27th, Chicago, IL

Ideal for practitioners who want to build strong foundational knowledge of compliance program management in a healthcare setting and how to apply that knowledge in practice. Attendees will come away better prepared to...more

Robinson+Cole Data Privacy + Security Insider

Warby Parker Settles Data Breach Case with OCR for $1.5M

Eyeglass manufacturer and retailer Warby Parker recently settled a 2018 data breach investigation by the Office for Civil Rights (OCR) for $1.5 million. According to OCR’s press release, Warby Parker self-reported that...more

Mintz - Privacy & Cybersecurity Viewpoints

Latest Installment of our Mintz Matrix!

Please visit here to visit our Mintz Matrix page with the latest edition of the Mintz Matrix, which is a 50-state resource we have maintained since 2009 to break down and summarize requirements of U.S. state data breach...more

Benesch

OCR Proposes Modification to HIPAA Security Rule

Benesch on

In late December 2024, the Office of Civil Rights at the U.S. Department of Health and Human Services (“OCR”) issued a notice of proposed rulemaking to modify the Security Standards to the Protection of Electronic Protected...more

Nilan Johnson Lewis PA

Nine Steps Healthcare Entities Should Take to Prevent Cyberattacks

Nilan Johnson Lewis PA on

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently imposed a $1.5 million civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of eyewear, for...more

Bradley Arant Boult Cummings LLP

HHS’s Proposed Security Rule Updates Will Require Adjustments to Accommodate Modern Vulnerability and Incident Response Issues

In this week’s installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we are exploring the proposed updates...more

ArentFox Schiff

Proposed Changes to the HIPAA Security Rule: What Regulated Entities Need to Know

ArentFox Schiff on

In the final days of the Biden Administration, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued a notice of proposed rulemaking (NPRM) to modify the Security Rule under the Health...more

Health Care Compliance Association (HCCA)

We’ll Take the Fine: OCR’s ‘Unwarranted,’ Costly Demands Prompted Hospital’s $538K Payment

The saga that led Children’s Hospital Colorado to accept a fine of more than $500,000 imposed by the HHS Office for Civil Rights (OCR) began on July 11, 2017, when a physician’s email account containing details on 3,300...more

Buchalter

Significant New HIPAA Obligations on Their Way for 2025

Buchalter on

The Department of Health & Human Services (HHS) issued proposed changes to the HIPAA Security Rule (“Proposed Rule”) on January 6, 2025, and is accepting comments from the public until March 7, 2025. The Proposed Rule...more

Paul Hastings LLP

HHS OCR Releases Proposed Updates to HIPAA Security Rule

Paul Hastings LLP on

On December 27, 2024, the U.S. Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), announced a Notice of Proposed Rulemaking (NPRM) to amend the Security Standards for the Protection of...more

Hogan Lovells

Slew of OCR activity underscores agency’s focus on security and AI

Hogan Lovells on

Recent enforcement actions, audit activity, proposed rulemakings, and guidance issued by the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) highlight the agency’s focus on health data...more

Epstein Becker & Green

Recent Developments in Health Care Cybersecurity and Oversight: 2024 Wrap Up and 2025 Outlook

Epstein Becker & Green on

As Cyberattacks targeting the health care sector have continued to intensify over the past year, including ransomware attacks that have resulted in major data breaches impacting health care organizations, the protection of...more

Bradley Arant Boult Cummings LLP

Introducing Bradley’s Series on HHS’s Proposed HIPAA Security Rule Updates

Bradley is launching a multipart blog series on the U.S. Department of Health and Human Services’ (HHS) proposed changes to strengthen cybersecurity protections for electronic protected health information (ePHI) regulated...more

110 Results
 / 
View per page
Page: of 5

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide