In recent years, health care organizations and the vendors that support them have been prime targets for cyber attacks. Indeed, just last year, the ransomware attack on the health care clearinghouse ...

On December 27, 2024, the Department of Health and Human Services (“HHS”) proposed substantial revisions to the 20-year-old HIPAA Security Rule. Comments on the proposal will be due within sixty days ...

The US Department of Health and Human Services (HHS) on January 6, 2025 issued a notice of proposed rulemaking (NPRM) seeking feedback on proposed updates to the Security Standards for the Protection ...

An unmitigated revamp of healthcare cybersecurity is coming in 2025, and experts warn that the compliance burden for organizations will be steep. Since 2005, healthcare organizations have been subject ...

The HHS Office for Civil Rights proposed a rule on Jan. 6 to update the HIPAA Security Rule, potentially affecting health systems’ security policies and operations. A Feb. 3 blog post by Coronis ...

The Department of Health and Human Services and the Office for Civil Rights have announced they will be soliciting comments on a proposal to modify the Security Standards for the Protection of ...

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up for any (or all) of our 25+ Newsletters. Some states have laws and ethical rules regarding solicitation and ...

The healthcare landscape is undergoing a seismic shift in 2026 as the new HIPAA Security Rule eliminates the 'addressable' loophole for Multi-Factor Authentication (MFA), forcing every major portal to ...

Editor’s note: Steven W. Teppler is a partner and chair of the Cybersecurity and Data Privacy practice group at Mandelbaum Barrett PC in Roseland, New Jersey. Carly ...