Lexology April 18, 2022
Hogan Lovells

The US Department of Health Human Services (HHS) is seeking public comments about the appropriate role of “recognized security practices” in enforcement of the HIPAA Security Rule. Congress, through an amendment to the HITECH Act, is requiring that the agency take into consideration certain “recognized security practices” when determining potential enforcement outcomes for HIPAA-regulated entities subject to audit or investigation for violations of the Security Rule. The Request for Information (RFI) provides an opportunity for stakeholders to help define which security frameworks and practices will be recognized in the context of enforcement of the Security Rule. In addition, the agency is seeking comments on developing a methodology by which it could distribute some of the funds collected through HIPAA enforcement...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, HHS, HIPAA, Provider, Technology
Related Articles:
Not 1, Not 2, but 6 Settlements
HIPAA Security Rule: Big Changes May Be Coming for Covered Entities & Business Associates
Perceived industry compliance failures prompt stringent proposed HIPAA Security Rule
Proposed Changes to the HIPAA Security Rule Will Have a Significant Impact on the Health Care Sector
HHS’ Proposed HIPAA Changes Are a Step in the Right Direction, But Some Providers May Struggle to Comply

Share This Article