By Matt Fisher – On January 6, 2025, the Department of Health and Human Services officially published a notice of proposed rulemaking to modify and update the HIPAA Security Rule. The timing of the proposed rule leaves any sort of immediate action with a lot of uncertainty (changing administrations bring changing priorities and delays).
Read More
By Harshit Jain MD – Pharmaceutical marketing through point-of-care (POC) messaging. has many benefits, including enhanced compliance through improved script conversion, and ultimately reduced hospitalization through the promotion of value-based-care.
The proposed rule would modify the HIPAA Security Rule to require health plans, health care clearinghouses, and most health care providers, and their business associates, to strengthen cybersecurity protections for individuals’ protected health information.
By Matt Fisher – 2024 cannot end without a further wrinkle on the HIPAA front. Earlier in the year, the Office for Civil Rights in the Department of Health and Human Services modified the HIPAA Privacy Rule by adding language specific to reproductive health care and reproductive health care services.
By Matt Fisher – The HHS Office for Civil Rights is finishing 2024 with a flurry of HIPAA settlements and there is still more time to go. Each settlement offers a different insight into necessary compliance and oversight activities.
By Matt Fisher – The HHS Office for Civil Rights continues to pursue enforcement actions when alleged non-compliance occurs following a right of access request. Not every settlement provides the same degree of insight or ability to follow OCR’s line of thinking though. That is the case stemming from the latest civil monetary penalty announced by OCR.
By Matt Fisher – The Office for Civil Rights announced the latest in its ongoing series of settlements or penalties stemming from individual right of access issues under HIPAA on October 17, 2024, which also happens to be the fiftieth such settlement.
By Matt Fisher – Recently the OCR announced another settlement stemming from a ransomware attack. The settlement is just the latest one imposed by OCR stemming from a cyberattack. It may feel like rubbing salt in a wound, but the details behind the settlement (at least the minimum ones available) provide a little bit more insight.
By Zac Amos – Healthcare providers and information technology teams tirelessly safeguard systems against cyberattacks and preserve patients’ privacy. De-identification, one of their best defenses, has long been a staple in the industry, as HIPAA requires.