Our Health Care and Privacy, Cyber & Data Strategy groups review the status of the proposed update to the HIPAA Security Rule. The proposed changes to the HIPAA ...

The National Institute of Standards and Technology is seeking public comment as it plans to update its 2008 guidance for implementing the HIPAA Security Rule, which went into effect about 20 years ago ...

Protecting sensitive health information is a fundamental pillar of modern medicine. Patients trust healthcare organizations ...

While many of the proposed modifications to the HIPAA Security Rule are reasonable expectations, others will be extremely onerous to implement - especially within a short time frame - if federal ...

Feb. 16, 2026, is the deadline for updating and distributing HIPAA Notices of Privacy Practices (“NPP”) that address the confidentiality ...

The proposed update to strengthen the cybersecurity of electronic protected health information fails to account for "information technology complexities of modern health care delivery organizations" ...

Some healthcare providers already meet potential new HIPAA security requirements, but others may face significant challenges.

The newly proposed Health Insurance Portability and Accountability Act (HIPAA) Security Rule may look very different once it becomes official as concerns loom. Earlier this year, the Federal Register ...

The Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996 to protect sensitive health information from being disclosed without patients' consent. Under this act, a patient's ...

The Covered Components and individuals who work in any of the Covered Components listed on the HIPAA Compliance website, are affected by this policy. Purdue University is a Hybrid Entity under the ...

1. The HIPAA Security Rule has not been updated since it went into effect in 2005. 2. Since ASCs don’t generally qualify for ARRA/HITECH stimulus funds, because they are intended for hospitals and ...

3. Final rule on Breach Notification for Unsecured Protected Health Information under the HITECH Act, which replaces the breach notification rule’s “harm” threshold with a more objective standard and ...