Updates to Statute 1557 that Healthcare Providers Need to Know
Privacy and Healthcare Business Associates with Isabella Porter
State Law Privacy Video Series | Healthcare Entities and Health Data
Gerry Blass on Healthcare Vendor Risk Management
AGG Talks: Technology - In the Balance: Interoperability and Security
Is Your Practice's Marketing HIPAA Compliant?
Relaxed HIPAA Restrictions For Providers Using Telehealth
Compliance Perspectives: Permissible Disclosures under HIPAA, Especially in the Time of COVID-19
Polsinelli Podcasts - Confusion to Clarity on the Future of the 340B Program
Polsinelli Podcast - HIPAA Changes Overview
Our Back-to-Basics series celebrates back-to-school season by taking a fresh look at some basic compliance obligations....more
As previously discussed in our prior blog post, on August 1, 2025, the Department of Health and Human Services (HHS) issued a Notice announcing a much-anticipated 340B Rebate Model Pilot Program (Pilot Program). Subsequently,...more
On June 20, Texas enacted S.B. 1188, joining only a handful of states that are taking artificial intelligence (AI) and data offshoring restrictions into their own hands. The law applies to most healthcare providers and all...more
It is back-to-school season, and The Healthcare Compliance Pod is going back to school too! Each week in August, we’re discussing one fundamental basic compliance obligation for healthcare providers, centered exclusively on...more
Structure & Timing of the Pilot Program - On August 1, 2025, the Health Resources and Services Administration (HRSA), administrator of the 340B Drug Pricing Program, announced its voluntary 340B Rebate Model Pilot Program in...more
On July 31, 2025, the U.S. Department of Health and Human Services (HHS) announced that it will conduct a pilot program testing out a rebate model for 340B drug purchases. Under the program, drug manufacturers will be allowed...more
Whenever the topic of health and medical data comes up, the prevailing assumption often is that any of this information is subject to the federal Health Insurance Portability and Accountability Act (HIPAA) just by virtue of...more
On July 31, 2025, notice was published in the Federal Register by the Health Resources and Services Administration (“HRSA”) of a “340B Rebate Model Pilot Program” (“340B Pilot Program”). The 340B Pilot Program’s stated...more
On the heels of multiple lawsuits disrupting drug manufacturers’ efforts to convert the 340B Program into a rebate-based model, the Health Resources and Services Administration (HRSA) released a Notice[1] announcing the...more
On June 18, 2025, the U.S. District Court for the Northern District of Texas issued a decision in Carmen Purl, et al. v. United States Department of Health and Human Services, et al., vacating nearly all of the 2024 HIPAA...more
On Wednesday, July 9, 2025, the United States Department of Justice (“DOJ”) issued more than 20 subpoenas to physicians and clinics (the “Providers”) who provide gender-affirming care to transgender youth. According to the...more
A federal judge in Texas just tossed out Biden-era reproductive healthcare privacy protections, halting a 2024 final rule with nationwide effect. The rule, which largely took effect in December and created new HIPAA privacy...more
A single incident that may have started as a personal vendetta or an extortion threat seven years ago has cost a Florida health care system $800,000, and comes on the heels of an unrelated breach suffered by a different...more
Nearly six years to the day that Warby Parker reported a breach affecting nearly 200,000 individuals, the HHS Office for Civil Rights (OCR) imposed a $1.5 million fine on the eyewear giant. Investigated by OCR under the Biden...more
Find this week’s updates on 340B litigation to help you stay in the know on how 340B cases are developing across the country. Each week we comb through the dockets of more than 50 340B cases to provide you with a quick...more
On May 6, 2024, OCR published the final rule interpreting and implementing Section 1557 at 45 C.F.R. § 92 (the Final Rule). The Final Rule regulates the use of patient care decision support tools, including AI algorithms for...more
The HIPAA Security Rule may soon undergo a big overhaul that would better defend healthcare data from cybersecurity threats – and require much more from covered entities when it comes to establishing and maintaining defenses....more
On January 6, 2025 the U.S. Department of Health and Human Services published a Proposed Rule (90 FR 898) to strengthen the HIPAA Security Rule and afford greater cybersecurity protections for electronic protected health...more
On January 6, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published significant proposed amendments (proposed rule) to the Security Rule under the Health Insurance Portability and...more
The U.S. Department of Health and Human Services (HHS) has issued a Notice of Proposed Rulemaking (NPRM) that strengthens the Security Rule of the Health Insurance Portability and Accountability Act (HIPAA), which, if...more
What better way to welcome the new year than with proposed new HIPAA Security Rules? As 2024 came to an end, the U.S. Department of Health and Human Services announced new proposed regulations to strengthen cybersecurity and...more
For the first time in 11 years, the US Department of Health and Human Services (HHS) has proposed updating the Security Rule under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The Proposed Rule, to...more
The U.S. Department of Health and Human Services (HHS) has issued an unpublished Notice of Proposed Rulemaking (NPRM) that strengthens the Health Insurance Portability and Accountability Act (HIPAA) Security Rule and, if...more
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule regulations have been updated to impose additional requirements on covered entities to safeguard the privacy of reproductive health related...more
As of December 23, health care providers, health plans, and health care clearinghouses (covered entities) and their business associates (collectively, regulated entities) must comply with new reproductive health care privacy...more