Despite years of federal warnings, many HIPAA regulated organizations neglect to expand their security risk analysis very far beyond electronic health records, said ...

Some healthcare providers already meet potential new HIPAA security requirements, but others may face significant challenges.

Major proposed changes to security guidance related to HIPAA compliance have been underway, with the expectation that ...

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) must take significant steps to enhance its HIPAA audit program to ensure stronger protection of electronic ...

The HIPAA Security Rule was originally promulgated over 20 years ago. While it historically provided an important regulatory floor for securing electronic protected health information, the Security ...

If finalized in its current form, the Proposed Rule would require covered entities — health plans, health care clearinghouses and health care providers who transmit information electronically in ...

Since the inception of the Health Insurance Portability and Accountability Act in 1996, covered entities have had to navigate its murky waters. Last year, the Department of Health and Human Services ...

Healthcare organizations face an unprecedented security crisis. Since 2018, the number of individuals affected by healthcare data breaches has nearly doubled—hitting 56 million last year. These ...

The National Institute of Standards and Technology is seeking public comment as it plans to update its 2008 guidance for implementing the HIPAA Security Rule, which went into effect about 20 years ago ...

In late February, the Department of Health and Human Services released a new rule under HIPAA (the Health Insurance Portability and Accountability Act) called the final rule on security standards.

New federal security standards that cover how personal health information is electronically maintained or transmitted could create a legal nightmare for the health care industry, will require a ...