Lexology May 2, 2024
Loeb & Loeb LLP

The Department of Health and Human Services (HHS) Office of Civil Rights (OCR) will use all its tools, including reviving the HIPAA compliance audit, to enforce compliance with the HIPAA Security Rule as it applies to covered entities and business associates. The last phase of audits, conducted between 2016 and 2017, consisted of documentation requests that uncovered many entities’ failure to implement a risk analysis and risk management program, among other deficiencies. As noted in the HIPAA Summit Recap, HHS intends to move forward with a crucial new risk analysis initiative. In addition, OCR will focus on HIPAA Security Rule compliance related to organizations’ use of tracking technologies such as pixels and SDKs as an enforcement priority.

The likelihood of...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Govt Agencies, HHS, HIPAA, Provider
Related Articles:
Addressing The HIPAA Blind Spot For Crisis Pregnancy Centers
6 Important Takeaways for HIPAA Covered Entities and Business Associates from 2024 NIST HHS OCR Conference
HHS settles 2 ransomware investigations as attacks rise
Safeguarding Health Information: Takeaways from HHS and NIST 2024 HIPAA Security Conference
White House OMB is reviewing proposed cybersecurity updates to HIPAA

Share This Article