News & Analysis as of

Privacy Laws Department of Health and Human Services (HHS) Regulatory Requirements

Clark Hill PLC

Right To Know - May 2025, Vol. 29

Clark Hill PLC on

Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: Virginia Governor Signs Bill Restricting Minor’s Use of Social Media:...more

Health Care Compliance Association (HCCA)

OCR Loses Staff, Faces Move to New ‘Enforcement’ Office; Will HIPAA Focus, Independence Suffer?

Today, the HHS Office for Civil Rights (OCR) stands shoulder-to-shoulder with the likes of the Office of Inspector General and Office of General Counsel, one of just a dozen or so agencies reporting directly to the secretary....more

Bradley Arant Boult Cummings LLP

HHS Security Rule NPRM Proposes Makeover for Administrative Safeguard Compliance for Regulated Entities

In this week’s installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we are exploring the proposed updates...more

Sheppard Mullin Richter & Hampton LLP

2025 Top-of-Mind Issues for Life Sciences Companies

DTC Telehealth Platforms - Arrangements involving telemedicine and direct-to-consumer (“DTC”) business services are expected to be a source of major regulatory scrutiny. In 2024, such arrangements were the focus of proposed...more

Husch Blackwell LLP

New York Legislature Passes Health Information Privacy Bill

Husch Blackwell LLP on

Last week, the New York legislature passed the New York Health Information Privacy Act (S 929) (the “Act”). If signed into law, the Act will add New York to the list of states that have enacted consumer health data-specific...more

Buchalter

Significant New HIPAA Obligations on Their Way for 2025

Buchalter on

The Department of Health & Human Services (HHS) issued proposed changes to the HIPAA Security Rule (“Proposed Rule”) on January 6, 2025, and is accepting comments from the public until March 7, 2025. The Proposed Rule...more

Husch Blackwell LLP

Compliance with the HIPAA Privacy Rule to Support Reproductive Healthcare Privacy

Husch Blackwell LLP on

On April 22, 2024, the Health and Human Services’ Office for Civil Rights (OCR) issued the HIPAA Privacy Rule to Support Reproductive Health Care Privacy Final Rule. The final rule limits the sharing of protected health...more

Bradley Arant Boult Cummings LLP

HIPAA Security Rule Updates: New Business for Business Associates

Bradley has launched a multipart blog series on the U.S. Department of Health and Human Services’ (HHS) proposed changes to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule, beginning last...more

Sheppard Mullin Richter & Hampton LLP

HHS’ Last-Minute Holiday Gift: Proposed Changes to the HIPAA Security Rule

The U.S. Department of Health and Human Services (“HHS”) issued a Notice of Proposed Rulemaking (the “Proposed Rule”) on December 27, 2024, to significantly amend HIPAA’s Security Rule, which sets forth the security standards...more

Foley Hoag LLP - Security, Privacy and the...

HHS Office for Civil Rights Proposes Measures to Strengthen Cybersecurity in Health Care Under HIPAA

The Department of Health and Human Services (HHS) has proposed significant modifications to the HIPAA Security Rule and the HITECH Act in an attempt to strengthen cybersecurity protections for electronic protected health...more

Health Care Compliance Association (HCCA)

Recognized Security Practices ‘Saved’ Covered Entity $60K of $300K Fine, But Which Ones Remain a Mystery

Covered entities (CEs) and business associates (BAs) may receive a “discount” for having recognized security practices (RSPs) in place when the HHS Office for Civil Rights (OCR) calculates financial penalties for Security...more

Health Care Compliance Association (HCCA)

Privacy Briefs: November 2024

Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more

Health Care Compliance Association (HCCA)

2nd Settlement Triggered by 2017 Ransomware Attack Costs WA Practice $100K; ‘Not a Breach’

Let’s review for a moment. It’s not a HIPAA violation to be a victim of ransomware. It’s not a HIPAA violation to pay a ransom. It’s up to the covered entity (CE) to determine if a security or privacy incident is a...more

McDermott Will & Emery

Federal Court Invalidates Key Part of HHS OCR Bulletin Regarding Application of HIPAA to Online Tracking Technologies

McDermott Will & Emery on

In a consequential decision for Health Insurance Portability and Accountability Act (HIPAA)-regulated entities, on June 20, 2024, the US District Court for the Northern District of Texas ruled in American Hospital Association...more

Health Care Compliance Association (HCCA)

‘I Will Not Rest’; ‘I Am All In’: Remarkable Breach Hearing Sees Pledges by UHG CEO, Sen. Wyden

United Healthcare Group (UHG) CEO Andrew Witty was in a board meeting on Feb. 21 when officials interrupted with the news that Change Healthcare—a clearinghouse UHG subsidiary Optum had purchased for $1.3 billion in October...more

Shutts & Bowen LLP

New Guidelines Anticipated Following HHS’s Health Cybersecurity Concept Paper

Shutts & Bowen LLP on

Updates to the Health Insurance Portability and Accountability Act Security Rule (“HIPAA Security Rule”) are planned for Spring 2024. New guidance from The Department of Health and Human Services (“HHS”) via a recently...more

Health Care Compliance Association (HCCA)

Understanding the requirements for waiving or altering HIPAA authorization for research

The HIPAA Privacy Rule sets forth provisions related to the waiver or alteration of authorization in relation to clinical research studies for circumstances in which it would be impractical or impossible to obtain...more

Proskauer - Health Care Law Brief

HHS Publishes Roadmap of New Strategy for Cybersecurity in the Healthcare Sector

The U.S. Department of Health and Human Services (HHS) recently issued a strategy paper highlighting key aspects of its plan to revamp cybersecurity requirements in the healthcare industry. Citing a 93% increase in large data...more

18 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide