Lexology February 27, 2025
Significant changes are being proposed to the HIPAA Security Rule that will require Covered Entities and Business Associates to reevaluate their current HIPAA compliance practices. On January 6, 2025, the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) published a Notice of Proposed Rulemaking (“NPRM”) to modify the HIPAA Security Rule (42 C.F.R. § 164.300 et seq.). To combat growing and consistent cybersecurity threats, the NPRM aims to strengthen cybersecurity protections for electronic Protected Health Information (“ePHI”).
HIPAA Security Rule Background and Purpose of NPRM
The Security Rule established national standards governing the protection of ePHI. Covered Entities and Business Associates are required to implement administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and...