The Health Insurance Portability and Accountability Act (HIPAA) is not technology specific, so HIPAA updates are made frequently via guidance notices issued by HHS´ Office for Civil Rights to account for advances in technology and changes to working practices. In the two decades since the legislation was introduced there have been several major HIPAA updates.
The most notable HIPAA updates were the introduction of the HIPAA Privacy Rule and Security Rule in 2003, the HIPAA Enforcement Rule in 2006, the incorporation of HITECH Act requirements in 2009 and the HIPAA Omnibus Final Rule in 2013.
The HIPAA Safe Harbor Law (HR 7898) is an amendment to the HITECH Act passed by Congress in 2021 which...
New legislation – the Health Information Privacy Reform Act – has been introduced to improve privacy protections for health information...
A $182,000 settlement has been agreed between the HHS’ Office for Civil Rights and five Delaware healthcare providers to resolve...
A New York business associate has chosen to settle an alleged violation of the Health Insurance Portability and Accountability Act...
Department of Health and Human Services (HHS) Office for Civil Rights (OCR) Director, Paula M. Stannard, has announced OCR’s 18th...
The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has agreed to settle alleged violations of...
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
According to the Paubox 2026 Healthcare Email Security Report, in 2025, 170 email-related data breaches were reported to the HHS’…
The Malden, Massachusetts-based Mystic Valley Elder Services has agreed to pay $520,000 to settle a consolidated class action lawsuit stemming…
The HHS’ Office for Civil Rights (OCR) has announced another settlement to resolve an alleged violation of the risk analysis...
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has announced its 9th financial penalty of...
The HHS’ Office for Civil Rights has announced its 8th financial penalty under the Trump administration, with the latest financial...
The HHS’ Office for Civil Rights (OCR) has announced another settlement to resolve an alleged violation of the risk analysis...
The HHS’ Office for Civil Rights (OCR) has announced its 6th financial penalty of the year to resolve alleged violations...
The Department of Health and Human Services’ Office for Civil Rights (OCR) has announced its 7th HIPAA enforcement action under...
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has imposed its second financial penalty...
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has imposed its first financial penalty...
Another ransomware investigation has been settled by the HHS’ Office for Civil Rights (OCR) with a financial penalty. Northeast Surgical...
South Broward Hospital District, a Florida health system that does business as Memorial Healthcare System, has agreed to settle an...
The HHS’ Office for Civil Rights (OCR) has announced that a settlement has been reached with a direct-to-patient distributor of...
It has been a busy end to the year for the HHS’ Office for Civil Rights (OCR) concerning HIPAA enforcement....
The HHS’ Office for Civil Rights (OCR) has announced another settlement to resolve an investigation of a ransomware attack. Virtual...
The HHS’ Office for Civil Rights (OCR) has announced its first HIPAA enforcement of the year to resolve alleged violations...
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has agreed to settle alleged HIPAA...
The HHS’ Office for Civil Rights (OCR) has announced another civil monetary penalty for a HIPAA-regulated entity to address non-compliance...
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has imposed a $1.19 million civil...
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has announced its first enforcement action...
The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has imposed a $100,000 civil monetary penalty...
The HHS Office for Civil Rights (OCR) has confirmed that another settlement has been agreed to resolve a ransomware-related HIPAA...
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has announced its 9th financial penalty...
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has settled alleged HIPAA violations with the...
American Medical Response (AMR), a private ambulance company, has paid a $115,200 civil monetary penalty to the HHS’ Office for...
The HHS’ Office for Civil Rights (OCR) has agreed to settle alleged HIPAA Security Rule violations with Heritage Valley Health...
The Federal Trade Commission (FTC) issued a final rule on April 26, 2024, that updates the FTC Health Breach Notification...
The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has released its long-awaited Final Rule on...
The HHS’ Office for Civil Rights has announced another financial penalty has been imposed for a violation of the HIPAA...
The Department of Health and Human Services’ Office for Civil Rights (OCR) has announced that a $35,000 settlement has been...
The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has settled alleged violations of the Health...
The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has announced its first financial penalty of...
Senator Bill Cassidy (R-LA), ranking member of the U.S. Senate Committee on Health, Education, Labor, and Pensions (HELP), is seeking...
The Secretary of the Department of Health and Human Services (HHS) has proposed a new rule that will require the...
The HHS’ Office for Civil Rights has issued a bulletin confirming that the use of third-party tracking technologies on websites,...
Senator Mark Warner (D-VA), Chairman of the Senate Select Committee on Intelligence, has recently published a white paper – Cybersecurity...
A group of 30 senators is urging the Department of Health and Human Services to update the Health Insurance Portability...
President Biden and U.S. Department of Health and Human Services (HHS) Secretary Xavier Becerra recently called on HHS agencies to...
Start preparing now and get your telehealth services HIPAA compliant as when the COVID-19 Public Health Emergency (PHE) ends, the...
Earlier this year, the HHS’ Office for Civil Rights issued a request for information (RFI) on how the financial penalties...
The National Institute of Standards and Technology (NIST) has published a new report on the use of biometric authentication on...
The National Institute of Standards and Technology (NIST) is planning on revising and updating its guidance on implementing the HIPAA...
The Department of Health and Human Services’ Office for Civil Rights is warning healthcare organizations about a potential phishing scam...
The Confidentiality of Substance Use Disorder Patient Records regulations (42 CFR Part 2) have been revised by the Department of Health and...
The HHS’ Office for Civil Rights (OCR) has issued guidance to healthcare providers to remind them that the HIPAA Privacy...
The HHS has issued a Notice of Enforcement Discretion covering healthcare providers and business associates that participate in the operation...
On April 2, 2020, the Department of Health and Human Services announced that with immediate effect, it will be exercising...
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has issued further guidance on HIPAA and...
In an effort to prevent the spread of the 2019 novel coronavirus, patients suspected of being exposed to the virus...
Following on from the announcement from the HHS’ Office for Civil Rights that enforcement of HIPAA compliance in relation to...
The Department of Health and Human Services has issued a final rule modifying the HIPAA National Council for Prescription Drug...
The Department of Education and the Department of Health and Human Services’ Office for Civil Rights have issued updated guidance...
The U.S Department of Health and Human Services has increased the civil monetary penalties for HIPAA compliance violations in accordance...
Roger Severino, Director of the HHS’ Office for Civil Rights, has given an update on OCR’s HIPAA enforcement priorities at...
Sen. Rand Paul, M.D., (R-Kentucky) has introduced a new bill that attempts to have the national patient identifier provision of...
Alex Azar, Secretary of the Department of Health and Human Services (HHS), has declared a public health emergency (PHE) in...
The Substance Abuse and Mental Health Services Administration (SAMHSA) has proposed a new rule that loosens restrictions on substance use...
The Secretary of the U.S. Department of Health and Human Services (HHS) has issued a limited waiver of HIPAA sanctions...
The Department of Health and Human Services’ Office for Civil Rights has issued new HIPAA guidance for health plans on...
Since the Department of Health and Human Services implemented the requirements of the Health Information Technology for Economic and Clinical...
The Department of Health and Human Services has issued a notification of enforcement discretion regarding the civil monetary penalties that...
The Department of Health and Human Services has extended the deadline for submitting comments on its proposed rules to promote...
The HHS’ Centers for Medicare and Medicaid Services (CMS) has launched a compliance review program to assess whether HIPAA covered...
On Monday, February 11, 2019, the HHS’ Office of the National Coordinator for Health Information Technology (ONC) and the Centers...
The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued a request for information (RFI) seeking...
The American Medical Informatics Association (AMIA) and the American Health Information Management Association (AHIMA) have called for changes to HIPAA...
The HHS has drafted a Request for Information (RFI) to discover how HIPAA Rules are hampering patient information sharing and...
On Wednesday, September 12, 2018, President Trump approved a request for a federal emergency declaration in the state of Virginia...
At a July 27 address at The Heritage Foundation, Secretary of the Department of Health and Human Services (HHS), Alex...
The HIPAA patch management requirements are part of the security management process standard in the Administrative Safeguards of the Security...
The Department of Health and Human Services’ Office for Civil Rights has issued new guidance for HIPAA-covered entities to streamline...
The Department of Health and Human Services’ Office for Civil Rights (OCR) has reminded HIPAA-covered entities that HIPAA not only...
The Department of Health and Human Services’ Office for Civil Rights is the primary enforcer of HIPAA Rules and has...
In its April 2018 cybersecurity newsletter, OCR draws attention to the benefits of performing a gap analysis in addition to...
A new patient guidebook on health record access has been published by the Department of Health and Human Services’ Office...
The Centers for Medicare & Medicaid Services (CMS) has recently issued a reminder that eligible hospitals and Critical Access Hospitals...
OCR has launched new tools and initiatives as part of its efforts to help address the opioid crisis in the...
The Department of Health and Human Services is running a HIPAA Administrative Simplification Optimization Project Pilot and is currently seeking...
The Health Insurance Portability and Accountability Act or HIPAA was passed into legislature on August 21, 1996, when Bill Clinton...
The U.S. Department of Health and Human Services’ Office for Civil Rights has cleared confusion about HIPAA Rules on sharing...
The Secretary of the U.S. Department of Health and Human Services has issued a limited waiver of HIPAA sanctions and...
The New York not-for-profit community health plan Amida Care has reported a HIPAA breach that has potentially impacted 6,231 of...
In January 2014, the HHS proposed a new rule for certification of compliance for health plans. The rule would have...
The recent attack in Las Vegas has prompted the Department of Health and Human Services’ Office for Civil Rights to...
The U.S. Department of Health and Human Services has already issued two partial waivers of HIPAA sanctions and penalties in...
A public health emergency has been declared in areas of the U.S. Virgin Islands, Puerto Rico, and Florida affected by...
In a recent letter to the House Ways and Means Health Subcommittee, the American Hospital Association (AHA) suggested several steps...
During emergencies such as natural disasters, complying with all HIPAA Privacy Rule provisions can be a challenge for hospitals and...
West Virginia senators Joe Manchin and Shelley Moore Capito have announced that Jessie’s Law has been passed by the Senate....
Last month, the Department of Health and Human Services confirmed it was mulling over updating its data breach portal –...
Since 2009, the Department of Health and Human Services’ Office for Civil Rights has been publishing summaries of healthcare data...
The Mississippi Division of Medicaid (DOM) has announced that 5,220 Medicaid recipients have had some of their protected health information...
Healthcare employees discovered to have improperly accessed the medical records of patients are likely to be terminated by their employers...
Tom Price was appointed as secretary of the Department of Health and Human Services on February 10, 2017, replacing Sylvia...
The Department of Health and Human Services’ Office for Civil Rights has updated its HIPAA Privacy Rule guidance for healthcare...
Madison, New Jersey-based clinical laboratory service provider Quest Diagnostics is alerting 34,000 patients that some of their electronic protected health...
A further 4,100 cardiac patients have been notified that some of their protected health information was exposed due to a...
Could a networked device that’s designed to enhance security be exploited by hackers to gain access to your network? In...
The U.S. Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology (ONC) and Office...
The importance of ensuring browsers and plugins are kept up to date has been highlighted by the discovery of a...
There has been a surge in Distributed Denial of Service (DDoS) and Denial of Service (DOS) attacks over the past...
18,854 health plan members have been notified of a potential breach of their protected health information following the loss of...
West Covina, CA-based East Valley Community Health Center (EVCHC) has started notifying patients that some of their electronic protected health...
Last week, the House of Representatives unanimously voted in favor of the 21st Century Cures Act. Yesterday, the bill sailed...
According to figures from the Federal Trade Commission, Florida is one of the top three states for fraud and identity...
A considerable proportion of IT security budgets are directed to securing the network perimeter and with good reason. Hackers are...
Researchers in the UK/Belgium have discovered it is possible to hack certain medical devices even when no prior understanding of...
A nurse employed by Glendale Adventist Medical Center in Glendale, CA has been fired for inappropriately accessing the medical records...
Sagewood, a retirement community in Phoenix, AZ, has notified 800 current and former residents about a ransomware attack that has...
OptumHealth New Mexico has notified 2,006 patients of a privacy breach that was caused by one of its vendors. The...
The 21st Century Cures Act has been passed by the House of Representatives with a vote of 392-26. One Democrat...
The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued a warning to healthcare organizations about...
Experian’s Data Breach Resolution team has released its annual data breach industry forecast for 2017. Experian has evaluated current cybersecurity...
Berkshire Medical Center (BMC) in Pittsfield, Massachusetts has been informed that 1,745 patients of its cardiology department have been impacted...
A recent survey conducted by Vanson Bourne on behalf of endpoint protection software vendor SentinelOne has cast light on the...
CHI Franciscan Health has started notifying patients about the potential exposure of some of their electronic protected health information after a...
The healthcare industry is coming under attack by the actors behind the Gatak Trojan. Gatak, or Stegoloader as it is...
Vascular Surgical Associates – A group of specialty-trained vascular surgeons in Atlanta – has announced that it has been the...
Wentworth-Douglass Hospital in Dover, New Hampshire has started alerting patients to a privacy breach experienced by one of its vendors,...
This year, hospitals throughout the United States have been targeted by cybercriminals using ransomware. The malicious file-encrypting software is used...
The Department of Health and Human Services’ Office for Civil Rights (OCR) has agreed to a $650,000 settlement with University...
Two providers of chiropractic services in California have started notifying their patients of a security breach affecting their billing software...
Briar Hill Management, a Ridgeland, MS-based provider of management services for skilled nursing facilities in Mississippi, has lost a laptop...
Last year, more than 113 million healthcare records were exposed or stolen as a result of healthcare data breaches. With...
The Department of Health and Human Services’ Office for Civil Rights has recently issued guidance for HIPAA covered entities on...
Today, a breach notice has appeared – dated August 18 – on the Department of Health and Human Services’ Office...
The Department of Health and Human Services’ Office for Civil Rights (OCR) has now selected covered entities from its pool...
Ted Lieu, D-Calif. and Will Hurd, R-Texas., have written to OCR Deputy Director for Health Information Privacy Deven McGraw raising...
Earlier this year the Office for Civil Rights issued guidance for healthcare providers and health plans on the general right...
Deven McGraw – deputy director of health information privacy at the Office for Civil Rights (OCR) – has offered some...
The Department of Health and Human Services Office for Civil Rights (OCR) has published a new HIPAA audit protocol for...
The Department of Health and Human Services’ Office for Civil Rights has announced that the phase 2 HIPAA compliance audits have...
Office for Civil Rights deputy director of health information privacy, Deven McGraw, has provided an update on the OCR’s planned...
The Health Insurance Portability and Accountability Act’s Privacy Rule gives healthcare patients the right to obtain a copy of their...
The Department of Health and Human Services’ Office for Civil Rights website has been redesigned and upgraded and features a...
The Department of Health and Human Services has issued a final rule permitting certain covered entities to disclose specific elements...
ProPublica has created a database of healthcare organizations that have violated patient privacy to make it easier for consumers to...
Update: The Meaningful Use program was renamed in 2018 to the Promoting Interoperability program to highlight CMS´ focus on interoperability...
Is Your Organization HIPAA Compliant?
Find Out With Our Free HIPAA Compliance Checklist
Get Free Checklist