The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) must take significant steps to enhance its HIPAA audit program to ensure stronger protection of electronic ...

Purdue University is a Hybrid Entity under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Purdue’s primary purpose is education; however, Purdue does have departments and ...

Melanie Fontes Rainer, HHS OCR director, speaking at a HIPAA summit this week (Image: Marianne Kolbasuk McGee) As the final months of the Biden administration wrap up, regulators at the agency charged ...

Since the inception of the Health Insurance Portability and Accountability Act in 1996, covered entities have had to navigate its murky waters. Last year, the Department of Health and Human Services ...

Editor’s note: Steven W. Teppler is a partner and chair of the Cybersecurity and Data Privacy practice group at Mandelbaum Barrett PC in Roseland, New Jersey. Carly ...

Healthcare organizations face an unprecedented security crisis. Since 2018, the number of individuals affected by healthcare data breaches has nearly doubled—hitting 56 million last year. These ...

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up for any (or all) of our 25+ Newsletters. Some states have laws and ethical rules regarding solicitation and ...

The Department of Health and Human Services submitted proposed updates to the 20-year-old HIPAA Security Rule to the White House for review, aiming to enhance the cybersecurity protections for ...

An unmitigated revamp of healthcare cybersecurity is coming in 2025, and experts warn that the compliance burden for organizations will be steep. Since 2005, healthcare organizations have been subject ...

HIPAA is often used as a shorthand for "no," but the law is a nuanced permissions framework, not a blanket prohibition. Explore why "HIPAA-compliant" software often enforces a caricature of the actual ...