Lexology January 22, 2025
On December 27, 2024, the U.S. Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), announced a Notice of Proposed Rulemaking (NPRM) to amend the Security Standards for the Protection of Electronic Protected Health Information (Security Rule) under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act). The NPRM was later published in the Federal Register on January 6, 2025.
According to OCR, the proposed rule comes in response to growing cyber threats impacting regulated entities, with language noting, “[b]etween 2018 and 2023, the number of breaches of unsecured PHI reported to [HHS] grew at an...