Businesses across many industries naturally want to showcase their satisfied customers. Whether it’s a university featuring successful graduates, a
Articles Discussing HIPAA.
Regulation Adds Privacy Protections for Patient Records on Substance Use Disorders
Entities regulated by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), including employer-sponsored health plans, have until February 16, 2026, to comply with additional privacy protections for patient records related to substance use disorder. A separate permission is required for disclosing information about a person’s substance use disorder.
2024 HIPAA Reproductive Health Privacy Rule Vacated
In 2024, under the Biden Administration, the Department of Health & Human Services (“HHS”) issued the 2024 Reproductive Health Privacy Rule (the “2024 Final Rule”), modifying parts of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).
How a Texas Federal District Court Changed the HIPAA Reproductive Health Privacy Rule, But SCOTUS Decision May Say Not So Fast
Explained in more detail below, under the recent vacatur of most of the HIPAA Privacy Rule to Support Reproductive Health Care Privacy (the “Reproductive
Compliance Corner: HIPAA Special Enrollment Rights
The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) was enacted to protect the privacy and security of individuals’ medical information. It sets standards for how healthcare providers, insurers, and other entities handle personal health information (“PHI”), ensuring that such data is kept confidential and secure. Among its various provisions, HIPAA also includes special enrollment rights, which allows individuals to enroll in a health plan outside of the usual open enrollment period if they experience certain qualifying events. So, what exactly are special enrollment rights and when do they apply?
States Move Forward with Privacy Protections to Close HIPAA Gaps for Health, Reproductive Health Info
TakeawaysMultiple state laws are strengthening protections for health data, increasingly going beyond HIPAA, healthcare providers and health plans.Certain categories of health information, such as reproductive health, have greater privacy protections.Organizations cannot look solely to HIPAA when assessing privacy compliance.Related links
2025 Enforcement Trends: Risk Analysis Failures at the Center of HHS’s Multimillion-Dollar HIPAA Penalties
In the first five months of 2025, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced it had entered into ten Health Insurance Portability and Accountability Act (HIPAA) resolution agreements reflecting the settlement of alleged HIPAA violations stemming from data breaches reported to OCR.
Industry Groups Urge Rescission of Proposed HIPAA Security Rule Updates
In February, a coalition of healthcare organizations sent a letter to President Donald J. Trump and the U.S. Department of Health and Human Services (HHS) (the Letter), urging the immediate rescission of a proposed update to the Security Rule under HIPAA. The update is aimed at strengthening safeguards for securing
Changes Proposed by HHS to Strengthen HIPAA Security Rule
On January 6, 2025, the US Department of Health and Human Services Office for Civil Rights (“OCR”) issued a notice of proposed rulemaking (“Proposed Rule”) containing significant updates to the Security Rule under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).
OCR Proposed Tighter Security Rules for HIPAA Regulated Entities, including Business Associates and Group Health Plans
As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security
Florida Healthcare Provider Faces $1.19M HIPAA Penalty Following Independent Contractor Breach
A healthcare provider delivering pain management services in Florida and other states faces a $1.19 million civil monetary penalty from the U.S.
HIPAA Reproductive Health Care PHI Rules: Compliance Date Approaching
HIPAA Privacy Rules Get a Post-Dobbs Refresh on Reproductive Health Care
Employers will soon see the national debate about abortion popping up in some unexpected places: the HIPAA privacy policies and procedures and notices of privacy practices they use for their health benefit plans.
New HIPAA Final Rule Imposes Added Protections for Reproductive Health Care Privacy
On April 22, 2024, the federal Department of Health and Human Services’ Office for Civil Rights (OCR) announced a final rule enhancing privacy protections relating to reproductive health care. Specifically, the final rule amends the Privacy Rule under the Health Insurance Portability and Accountability Act (HIPAA) to, among other things,
Federal Regulators Unveil Revised Final Guidance for Healthcare Cybersecurity and HIPAA Compliance
On February 14, 2024, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) published a new, final version of their guidance for regulated healthcare entities to follow to improve cybersecurity and compliance with the Health Insurance