Lexology April 18, 2022
The US Department of Health and Human Services (HHS) is seeking public comments about the appropriate role of “recognized security practices” in enforcement of the HIPAA Security Rule. Congress, through an amendment to the HITECH Act, is requiring that the agency take into consideration certain “recognized security practices” when determining potential enforcement outcomes for HIPAA-regulated entities subject to audit or investigation for violations of the Security Rule. The Request for Information (RFI) provides an opportunity for stakeholders to help define which security frameworks and practices will be recognized in the context of enforcement of the Security Rule. In addition, the agency is seeking comments on developing a methodology by which it could distribute some of the funds collected through HIPAA enforcement...