Lexology November 2, 2022
Sidley Austin LLP

Pursuant to legislation passed in 2021, covered entities and business associates subject to HIPAA and facing potential regulatory enforcement may receive some credit lessening to reduce enforcement penalties if they had implemented Recognized Security Practices (RSPs) within the prior 12 months. However, what may constitute RSPs and how a covered entity or business associate can demonstrate implementation of RSPs to receive such credit had not been clear. Now, the Department of Health and Human Services is seeking to provide clarity.

What To Do About “Recognized Security Practices” Now

HIPAA regulated entities may wish to review and compare their security practices to RSPs, and where necessary, implement RSPs to strengthen their cybersecurity and regulatory posture. Specifically, as HIPAA regulated entities assess...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Conferences / Podcast, Cybersecurity, Govt Agencies, Health IT, HHS, HIPAA, Provider, Technology, Trends
Related Articles:
Not 1, Not 2, but 6 Settlements
How Does the Department of Health and Human Services (HHS) Impact Health and Health Care?
How Healthcare Leaders Reacted to the 15 Additional Drugs Selected for Medicare Negotiation Program
STAT+: Trump finally finds a populist health care message in Kennedy’s MAHA
Lawmakers, experts weigh in on Medicare Drug Price Negotiation Program

Share This Article