Lexology January 16, 2025
Michael Best & Friedrich LLP

Organizations in the health care sector should be aware that changes to the HIPAA Security Rule may be on the horizon. Recently, the U.S. Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), issued a proposed rule focused on improving cybersecurity and protecting the health care system from the rapidly increasing number of cyberattacks.

The proposed rule would completely overhaul the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule for covered entities and business associates (together referred to as “regulated entities”). The proposed regulations eliminate much of the flexibility offered by the current rules and would involve a multitude of new regulatory requirements for entities dealing with electronic protected health information (ePHI).

...

Today's Sponsors

Venturous
ZeOmega

Today's Sponsor

Venturous

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, HIPAA, Technology
Related Articles:
OCR Kicks Off 2026 with Reminders about "System Hardening" for HIPAA Covered Entities
Providers Evaluate Security as Updated HIPAA Compliance Looms
Updates to HIPAA Notice of Privacy Practices Required by February 16, 2026
How Healthcare Organizations Can Navigate Security Changes Linked to HIPAA Updates
Preparing for the HIPAA Security Rule Update

Share Article