Physicians Practice May 8, 2025
Practice administrators seeking federal grants or contracts must look beyond HIPAA, completing SAM registration and adopting FAR 52.204‑21’s 15 essential cybersecurity controls to safeguard PHI, PII, FCI and CUI.
When most people in the health care sector think about the privacy and security of data, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) immediately comes to mind. That is not surprising: HIPAA is almost thirty (30) years old, patients are familiar with it because of the HIPAA Authorizations, and covered entities and business associates (45 CFR 160.103) have been required to comply with the respective Privacy Rule, Security Rule and Breach Notification Rule since before 2010.
What about cybersecurity requirements in the scenario where a person contracts with the...







