Lexology January 2, 2025
Morgan Lewis & Bockius LLP

For the first time in 11 years, the US Department of Health and Human Services (HHS) has proposed updating the Security Rule under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The Proposed Rule, to be published on January 6, 2025, aims to “increase the cybersecurity” for electronic protected health information (ePHI) by addressing the changing healthcare environment, increased frequency of breaches and cyberattacks, common compliance deficiencies observed by the HHS Office for Civil Rights, and other relevant changes to the legal landscape such as court decisions and best practices. Comments to the Proposed Rule are due March 7, 2025.

The Proposed Rule makes a number of significant changes to the Security Rule (Security Standard for the Protection...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health System / Hospital, HHS, HIPAA, Provider, Technology
Related Articles:
Healthcare CIOs Prepare For HIPAA Update
HHS proposes HIPAA update to boost healthcare cybersecurity
HHS Announces Notice of Proposed Rulemaking to Update the HIPAA Security Rule
HHS Proposes Rule to Bolster Cybersecurity Standards for Electronic Patient Data
OCR Proposed Tighter Security Rules for HIPAA Regulated Entities, including Business Associates and Group Health Plans

Share This Article