The 2026 HIPAA Security Rule overhaul will make encryption, multi-factor authentication, and regular security testing mandatory for all healthcare entities. These changes remove the ‘addressable’ ...

New four-pillar compliance structure gives independent practices a clear path through the latest Security Rule overhaul ...

The Department of Health and Human Services is preparing to implement the most significant HIPAA Security Rule update since its 2003 adoption, with finalization expected in May 2026. Proposed changes ...

A final rule is expected later this spring, and many of its proposed changes would be time‑consuming and costly for covered entities and business associates to manage. But implementing some of these ...

This post is part of our The Top 2025 Privacy and Security Issues Still Shaping Healthcare series, in which our team of attorneys provides essential strategies and ...

Paula Stannard, director of the U.S. Department of Health and Human Services' Office for Civil Rights, provided some insight into the agency's latest HIPAA efforts during a HIPAA Summit this week.

The College of Healthcare Information Management Executives, the American Medical Association, and other healthcare providers and organizations are urging the U.S. Department of Health and Human ...

Over the past decade, the United States health care industry has experienced a significant increase in cyberattacks, including ransomware ...

Faulty or non-existent security risk analyses cost a medical imaging provider, a women's healthcare group, a health plan and ...

Purdue University is a Hybrid Entity under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Purdue’s primary purpose is education; however, Purdue does have departments and ...