Lexology November 2, 2022
Sidley Austin LLP

Pursuant to legislation passed in 2021, covered entities and business associates subject to HIPAA and facing potential regulatory enforcement may receive some credit lessening to reduce enforcement penalties if they had implemented Recognized Security Practices (RSPs) within the prior 12 months. However, what may constitute RSPs and how a covered entity or business associate can demonstrate implementation of RSPs to receive such credit had not been clear. Now, the Department of Health and Human Services is seeking to provide clarity.

What To Do About “Recognized Security Practices” Now

HIPAA regulated entities may wish to review and compare their security practices to RSPs, and where necessary, implement RSPs to strengthen their cybersecurity and regulatory posture. Specifically, as HIPAA regulated entities assess...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Conferences / Podcast, Cybersecurity, Govt Agencies, Health IT, HHS, HIPAA, Provider, Technology, Trends
Related Articles:
MGMA seeks clarity on breach notification burden in wake of Change cyberattack
Podcast: How the ACA Market Has Matured w/ Sabrina Corlette and Jason Levitis
HHS Modifies HIPAA Privacy Rule to Shield Reproductive Health Information from Third Party Access
HHS final rule requires HIPAA compliance changes for reproductive health care information
HHS releases national suicide prevention strategy, plan

Share This Article