The US Department of Health and Human Services (HHS) on January 6, 2025 issued a notice of proposed rulemaking (NPRM) seeking feedback on proposed updates to the Security Standards for the Protection ...

The Department of Health and Human Services offers a model for applying multifactor authentication for privileged users, a new report illustrates. On the other hand, a second report shows HHS, like ...

In its annual audit required by the Federal Information Security Modernization Act of 2014, OIG said it reviewed HHS programs and practices against its core and supplemental metrics. Through the ...

In this week’s installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we discuss ...

The HHS Office of the Inspector General conducted a review of HHS’ compliance with the Federal Information Security Modernization Act of 2014 for fiscal year 2015. Overall, the OIG found HHS made ...

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up for any (or all) of our 25+ Newsletters. Some states have laws and ethical rules regarding solicitation and ...

The Department of Health and Human Services (HHS) proposed a rule days before the new year began that would hold healthcare organizations to a higher standard for protecting sensitive healthcare ...

March 14, 2025 - On Jan. 6, 2025, the U.S. Department of Health and Human Services (HHS) proposed new regulations to enhance cybersecurity protections for electronic protected health information (ePHI ...

The Department of Health and Human Services is making progress in improving its information security practices, but it still has gaps that put sensitive data and systems at risk of compromise, ...

A report from the Government Accountability Office suggests HHS could offer better guidance for healthcare organizations regarding cybersecurity and safeguarding patient information. The GAO report ...