Lexology May 5, 2022
Davis Wright Tremaine LLP

Just one month remains to comment on the U.S. Department of Health and Human Services (HHS) Office for Civil Rights’ (OCR) current Request for Information (RFI), which seeks public input on the implementation of two statutory provisions related to HIPAA:

  • (1) How HIPAA-covered entities and business associates can adequately demonstrate the adoption of “recognized security practices” when OCR considers potential violations of the HIPAA Security Rule; and
  • (2) How to distribute to harmed individuals portions of penalties and settlement amounts it collects.

Organizations may wish to comment in order to advocate for practical means of demonstrating the adoption of sound security practices and address thorny issues surrounding who is “harmed” and how they should be compensated, which could...

Today's Sponsors

Canton & Company
Curation Health

Today's Sponsors

Oliver Wyman

Today's Sponsor

Canton & Company

Topics: Govt Agencies, HHS, HIPAA, Provider
Guidance Needed on Information Blocking Rule Research Implications
Dobbs Triggers Significant Healthcare And Privacy Law Concerns And Confusion
Office of Civil Rights Releases Patient Privacy Guidance in the Wake of Dobbs Decision
HIPAA Privacy Concerns Post-Dobbs
Office for Civil Rights Provides HIPAA Privacy Rule on Disclosures of Information Relating to Reproductive Healthcare