Lexology January 2, 2025
Morgan Lewis & Bockius LLP

For the first time in 11 years, the US Department of Health and Human Services (HHS) has proposed updating the Security Rule under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The Proposed Rule, to be published on January 6, 2025, aims to “increase the cybersecurity” for electronic protected health information (ePHI) by addressing the changing healthcare environment, increased frequency of breaches and cyberattacks, common compliance deficiencies observed by the HHS Office for Civil Rights, and other relevant changes to the legal landscape such as court decisions and best practices. Comments to the Proposed Rule are due March 7, 2025.

The Proposed Rule makes a number of significant changes to the Security Rule (Security Standard for the Protection...

Today's Sponsors

Venturous
Got healthcare questions? Just ask Transcarent

Today's Sponsor

Venturous

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health System / Hospital, HHS, HIPAA, Provider, Technology
Related Articles:
Pivot: Discussing the Impact of a Proposed HIPAA Security Update
Always Listening, Always Leaking?
Ensuring HIPAA Compliance in Telehealth Sessions
Navigating the 2024 proposed HIPAA security rule amendments
Proposed HIPAA Security Rule Requires AI Governance

Share This Article