HIPAA Journal December 9, 2025
Steve Alder

The College of Healthcare Information Management Executives (CHIME) and more than 100 U.S. hospital systems, healthcare provider organizations, and provider associations have called for the Department of Health and Human Services (HHS) to withdraw its proposed updates to the HIPAA Security Rule.

The HIPAA Security Rule was enacted in 2002, nine years after HIPAA was signed into law, to establish security standards for electronic protected health information created, received, used, or maintained by a covered entity, with the requirements subsequently expanded to cover business associates of HIPAA-regulated entities. The Security Rule was written to be technology agnostic to avoid frequent rule changes in response to advances in technology; however, 22 years after its initial release, the HHS proposed a substantial...

Today's Sponsors

Venturous
ZeOmega

Today's Sponsor

Venturous

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health System / Hospital, HIPAA, Provider, Technology
Related Articles:
The 250 best hospitals, according to Healthgrades
How HTM will power resilient health systems in 2026
AAMC report finds 7th consecutive year of growth in medical residents
Are Hospitals Procrastinating on TEAM Model Work?
Seeking tools for the Isle of Man

Share Article