The HIPAA Security Rule may soon undergo its first major overhaul in decades. Although finalization could come as early as May 2026, timelines remain uncertain as new requirements are grounded in ...

Our Health Care and Privacy, Cyber & Data Strategy groups review the status of the proposed update to the HIPAA Security Rule. The proposed changes to the HIPAA ...

These systems depend on secure hosting environments that protect electronic protected health information and meet HIPAA regulations. Hospitals, digital health companies, and software vendors rely on ...

The long-overdue final HIPAA omnibus rule was posted on the Federal Register public inspection desk Jan 17. The package of regulations will be officially posted on the Federal Register on Jan. 25. See ...

Doctors in a meeting (Getty Images) The Department of Health and Human Services is responding to a growing threat of cyberattacks against the healthcare industry. Healthcare was the most breached ...

The College of Healthcare Information Management Executives, the American Medical Association, and other healthcare providers and organizations are urging the U.S. Department of Health and Human ...

The January 2026 OCR Cybersecurity Newsletter is the U.S. Department of Health and Human Services Office for Civil Rights’ latest installment in its periodic series translating HIPAA Security Rule ...

Managing healthcare cybersecurity is a complex proposition, to say the least. Health system CISOs, CIOs and other information security leaders used to simply have to worry about ensuring robust ...

The OIG recently completed its review of CMS’s oversight with regard to HIPAA Security, and the result is alarming. OIG had some harsh words for CMS’s efforts, saying it has taken “limited actions,” ...

The Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996 to protect sensitive health information from being disclosed without patients' consent. Under this act, a patient's ...

The Covered Components and individuals who work in any of the Covered Components listed on the HIPAA Compliance website, are affected by this policy. Purdue University is a Hybrid Entity under the ...