News & Analysis as of

Covered Entities Department of Health and Human Services (HHS) Business Associates

Bass, Berry & Sims PLC

Court Vacates HIPAA 2024 Final Rule Related to Reproductive Health Care Privacy

Bass, Berry & Sims PLC on

On June 18, 2025, the U.S. District Court for the Northern District of Texas issued an opinion that vacates the 2024 final rule that enhanced privacy protections for protected health information (PHI) related to reproductive...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

2025 Enforcement Trends: Risk Analysis Failures at the Center of HHS’s Multimillion-Dollar HIPAA Penalties

Ogletree, Deakins, Nash, Smoak & Stewart,... on

In the first five months of 2025, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced it had entered into ten Health Insurance Portability and Accountability Act (HIPAA) resolution...more

Health Care Compliance Association (HCCA)

Former OCR Director Fontes Rainer Reflects On ‘Imperfect’ RSP Law, Urges Final Security Reg

Health Care Compliance Association (HCCA) on

In October, the HHS Office for Civil Rights (OCR) fined Providence Medical Institute (PMI) $240,000, an amount that reflected a 20% discount for having “recognized security practices” (RSPs) in place. But many more covered...more

Fisher Phillips

Proposed Updates to HIPAA Security Rule Would Require Entities to Adopt Enhanced Cybersecurity Measures

Fisher Phillips on

The HIPAA Security Rule may soon undergo a big overhaul that would better defend healthcare data from cybersecurity threats – and require much more from covered entities when it comes to establishing and maintaining defenses....more

McCarter & English, LLP

Proposed HIPAA Security Rule Amendments: Not Too Soon to Take Stock

McCarter & English, LLP on

On January 6, 2025 the U.S. Department of Health and Human Services published a Proposed Rule (90 FR 898) to strengthen the HIPAA Security Rule and afford greater cybersecurity protections for electronic protected health...more

Sheppard Mullin Richter & Hampton LLP

HHS’ Last-Minute Holiday Gift: Proposed Changes to the HIPAA Security Rule

Sheppard Mullin Richter & Hampton LLP on

The U.S. Department of Health and Human Services (“HHS”) issued a Notice of Proposed Rulemaking (the “Proposed Rule”) on December 27, 2024, to significantly amend HIPAA’s Security Rule, which sets forth the security standards...more

Morgan Lewis

HHS Proposes Major 2025 Update to HIPAA Security Rule

Morgan Lewis on

For the first time in 11 years, the US Department of Health and Human Services (HHS) has proposed updating the Security Rule under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The Proposed Rule, to...more

Holland & Knight LLP

Big Changes Proposed for the HIPAA Security Rule

Holland & Knight LLP on

The U.S. Department of Health and Human Services (HHS) has issued an unpublished Notice of Proposed Rulemaking (NPRM) that strengthens the Health Insurance Portability and Accountability Act (HIPAA) Security Rule and, if...more

Foley Hoag LLP - Security, Privacy and the...

HHS Office for Civil Rights Proposes Measures to Strengthen Cybersecurity in Health Care Under HIPAA

Foley Hoag LLP - Security, Privacy and the... on

The Department of Health and Human Services (HHS) has proposed significant modifications to the HIPAA Security Rule and the HITECH Act in an attempt to strengthen cybersecurity protections for electronic protected health...more

Brooks Pierce

OIG Recommends Changes to HIPAA Audit Program to Strengthen Data Protections, Implications for Regulated Entities

Brooks Pierce on

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is required by law to perform periodic audits of covered entities and business associates to ensure their compliance with HIPAA Security Rule...more

Holland & Knight LLP

HIPAA Tidings: A Look at OCR's Recent Enforcement Actions

Holland & Knight LLP on

In addition to holiday celebrations, the month of December typically ushers in a final round of enforcement actions by the U.S. Department of Health and Human Services' (HHS) Office of Civil Rights (OCR), and 2024 is no...more

BakerHostetler

DSIR Deeper Dive: Tracking the Crackdown on Tracking/Pixel Technologies: Web Litigation and Regulatory Landscape - Part 2

BakerHostetler on

In the first part of this blog post, we looked into the OCR and FTC’s focus on third-party tracking technologies. We also reviewed the AHA Lawsuit and its impact for the use of tracking technologies. In this blog post, we...more

Health Care Compliance Association (HCCA)

Recognized Security Practices ‘Saved’ Covered Entity $60K of $300K Fine, But Which Ones Remain a Mystery

Health Care Compliance Association (HCCA) on

Covered entities (CEs) and business associates (BAs) may receive a “discount” for having recognized security practices (RSPs) in place when the HHS Office for Civil Rights (OCR) calculates financial penalties for Security...more

BakerHostetler

6 Important Takeaways for HIPAA Covered Entities and Business Associates from 2024 NIST HHS OCR Conference

BakerHostetler on

On October 23-24, 2024, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) Information Technology Laboratory hosted the Safeguarding...more

Dentons

Ep. 37 – Updating HIPAA Policies to Address HHS’ New Reproductive Health Care Rule

Dentons on

Effective December 23, 2024, HIPAA-covered entities and their business associates will be required to comply with new restrictions on how protected health information may be used and disclosed for certain purposes relating to...more

Health Care Compliance Association (HCCA)

HHS Abandons Appeal in Public Website Pixel Case, But CEs and BAs Should Expect Continued Scrutiny

Health Care Compliance Association (HCCA) on

The HHS Office for Civil Rights (OCR) has abandoned its appeal of a federal judge’s ruling overturning OCR’s guidance prohibiting covered entities (CEs) and business associates (BAs) from using the web-tracking technologies...more

BCLP

Action Items as a Result of HIPAA Privacy Rule Modifications

BCLP on

On April 22, 2024, the U.S. Department of Health and Human Services (“HHS”) issued new regulations under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) that impose new restrictions on the use and...more

BCLP

Federal Court Rejects Motion to Dismiss Wiretap Claims Using HIPAA to Support Crime-Tort Exception Allegations

BCLP on

It has now become commonplace for Plaintiffs’ attorneys to bring claims alleging that routine marketing techniques, including the deployment of behavioral advertising cookies and pixels, constitute wiretaps in violation of...more

Verrill

HHS Issues Model Attestation Required by Final HIPAA Regulations Supporting Reproductive Health Care Privacy

Verrill on

On April 26, 2024, the U.S. Department of Health and Human Services (HHS) and Office for Civil Rights (OCR) published Final Regulations under HIPAA’s Privacy Rule introducing greater protections for information related to...more

Goodwin

Federal Judge Vacates Health and Human Services Pixel Tracking Guidance

Goodwin on

On June 20, 2024, a Texas federal judge ruled that guidance published by the Department of Health and Human Services (the Department) prohibiting covered entities from disclosing information collected by third-party...more

Venable LLP

Federal Court Strikes Blow to HHS Guidance on “Online Tracking Technologies”

Venable LLP on

Last week, a federal district court in Texas issued a decision declaring unlawful and vacating a central component of a guidance document (the Bulletin) from the Department of Health and Human Services (HHS) Office for Civil...more

Shook, Hardy & Bacon L.L.P.

Court Vacates Key Portion of OCR’s Online Tracking Tool Guidance

Shook, Hardy & Bacon L.L.P. on

On June 20, 2024, a federal court vacated key portions of regulatory guidance on the treatment of information collected by online tracking tools. At issue was the U.S. Department of Health and Human Services Office for Civil...more

Goodwin

HHS-OCR Publishes Final HIPAA Privacy Rule Expanding Reproductive Health Care Privacy and Further Supporting Patient...

Goodwin on

On April 26, 2024, almost a year after issuing a notice of proposed rulemaking to modify the Privacy Rule, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) finalized the HIPAA Privacy Rule to...more

BCLP

New HHS Guidance on Cookies

BCLP on

On March 18, 2024, the Office of Civil Rights (“OCR”) within the Department of Health and Human Services (“HHS”) updated prior guidance concerning the use of online tracking technologies, including cookies, by Covered...more

Stinson - Benefits Notes Blog

HHS Supports Reproductive Health Care Privacy by Modifying the HIPAA Privacy Rule

Stinson - Benefits Notes Blog on

The Department of Health and Human Services’ (“HHS”) Office for Civil Rights recently published a final rule (the “Final Rule“) which provides additional privacy protections related to the use and disclosure of reproductive...more

270 Results
 / 
View per page
Page: of 11
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide