Lexology April 18, 2022
Hogan Lovells

The US Department of Health Human Services (HHS) is seeking public comments about the appropriate role of “recognized security practices” in enforcement of the HIPAA Security Rule. Congress, through an amendment to the HITECH Act, is requiring that the agency take into consideration certain “recognized security practices” when determining potential enforcement outcomes for HIPAA-regulated entities subject to audit or investigation for violations of the Security Rule. The Request for Information (RFI) provides an opportunity for stakeholders to help define which security frameworks and practices will be recognized in the context of enforcement of the Security Rule. In addition, the agency is seeking comments on developing a methodology by which it could distribute some of the funds collected through HIPAA enforcement...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, HHS, HIPAA, Provider, Technology
Related Articles:
HIPAA update protects privacy of reproductive health information
More FTC Privacy Action
White House moves to protect patient abortion records
OCR launches webpage with HIPAA FAQs on Change Healthcare cyberattack
OCR finalizes rule prohibiting certain reproductive health care disclosures

Share This Article