Lexology January 16, 2025
Reed Smith LLP

In an era where cyberattacks on the health care industry have become alarmingly frequent and catastrophic, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has taken a bold step forward. The recently issued Notice of Proposed Rulemaking (NPRM) is OCR’s direct response to the escalation of cyber threats and harm paired with perceived pervasive noncompliance with the HIPAA Security Rule across the health care sector. The NPRM introduces many detailed security requirements that far surpass all previous legal mandates from OCR and may set the highest bar in the United States for securing electronic data.

The proposed amendments are not merely incremental updates; they represent a seismic...

Today's Sponsors

Venturous
ZeOmega

Today's Sponsor

Venturous

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, HIPAA, Technology
Related Articles:
OCR Kicks Off 2026 with Reminders about "System Hardening" for HIPAA Covered Entities
Providers Evaluate Security as Updated HIPAA Compliance Looms
Updates to HIPAA Notice of Privacy Practices Required by February 16, 2026
How Healthcare Organizations Can Navigate Security Changes Linked to HIPAA Updates
Preparing for the HIPAA Security Rule Update

Share Article