Lexology March 6, 2025
In this final blog post in the Bradley series on the HIPAA Security Rule notice of proposed rulemaking (NPRM), we examine how the U.S. Department of Health and Human Services (HHS) Office for Civil Rights interprets the application of the HIPAA Security Rule to artificial intelligence (AI) and other emerging technologies. While the HIPAA Security Rule has traditionally been technology-agnostic, HHS explicitly addresses security measures for these evolving technologies. The NPRM provides guidance on incorporating AI considerations into compliance strategies and risk assessments.
AI Risk Assessments
In the NPRM, HHS would require a comprehensive, up-to-date inventory of all technology assets that identifies AI technologies interacting with ePHI. HHS clarifies that the Security Rule governs ePHI used in both...