The US Department of Health and Human Services (HHS) on January 6, 2025 issued a notice of proposed rulemaking (NPRM) seeking feedback on proposed updates to the Security Standards for the Protection ...

In this week’s installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we discuss ...

The Department of Health and Human Services (HHS) proposed a rule days before the new year began that would hold healthcare organizations to a higher standard for protecting sensitive healthcare ...

In its annual audit required by the Federal Information Security Modernization Act of 2014, OIG said it reviewed HHS programs and practices against its core and supplemental metrics. Through the ...

The Department of Health and Human Services is making progress in improving its information security practices, but it still has gaps that put sensitive data and systems at risk of compromise, ...

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up for any (or all) of our 25+ Newsletters. Some states have laws and ethical rules regarding solicitation and ...

The U.S. Department of Health and Human Services has proposed new rules that will have a profound effect on how healthcare providers share patient data. The Office for the National Coordinator of ...

The Department of Health and Human Services has finalized the most significant HIPAA Security Rule update since 2003, introducing mandatory encryption, multi-factor authentication, annual risk ...

A report from the Government Accountability Office suggests HHS could offer better guidance for healthcare organizations regarding cybersecurity and safeguarding patient information. The GAO report ...