Lexology January 9, 2025
Akerman LLP

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently proposed a sweeping rewrite of the HIPAA Security Rule that, if finalized, will require that many Covered Entities and their Business Associates (Regulated Entities) invest significant resources to comply with new, less flexible requirements designed to strengthen the cybersecurity posture of the American healthcare system. We discuss below several aspects of OCR’s comprehensive overhaul of the Security Rule published in its Notice of Proposed Rulemaking (NPRM) on January 6, 2025, the first proposed revisions to the Security Rule since 2013. The 60-day notice and comment period closes on March 7, 2025.

In a Press Release announcing the proposed updates, OCR Director Melanie Fontes Rainer stated...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, HIPAA, Technology
Related Articles:
New privacy screen protectors launched to help practices stay HIPAA compliant
Home-Based Care Providers Vulnerable to HIPAA Compliance Issues
HHS tightens HIPAA as healthcare cyberattacks increase
HHS Publishes Notice of Proposed Rulemaking to Amend HIPAA Security Rule Requirements - Comments Due March 7, 2025
HIPAA Compliance: 3 Strategies for Implementing Multilingual Healthcare Delivery

Share This Article