Practice administrators seeking federal grants or contracts must look beyond HIPAA, completing SAM registration and adopting FAR 52.204‑21’s 15 essential cybersecurity controls to safeguard PHI, PII, FCI and CUI.

HIPAA | © MclittleStock - stock.adobe.com

HIPAA highlights: 2 disturbing class actions, OCR risk analysis enforcement

By Rachel V. Rose, JD, MBA

April 24th 2025

Two class-action lawsuits targeting the University of Maryland Medical Center and the University of Kansas Health System for years-long cyberstalking and unauthorized access to protected health information spotlight massive HIPAA risk-analysis failures and underscore the urgent need for stronger health care cybersecurity safeguards.

Key components of the HHS Security Rule NPRM

By Rachel V. Rose, JD, MBA

January 23rd 2025

The long anticipated HIPAA Security Rule Notice of Proposed Rule Making strives to strengthen electronic protected health information cybersecurity.

HIPAA | © profit_Image - stock.adobe.com

3 recent HIPAA enforcement actions.

By Rachel V. Rose, JD, MBA

January 9th 2025

“Cybersecurity is patient safety” and the continued downstream implications for the use of PHI for other unlawful purposes including insurance fraud and predatory practices targeted at minors are significant.

Lessons from a criminal HIPAA verdict

By Rachel V. Rose, JD, MBA

August 9th 2024

Each practice should learn from the result of this HIPAA case.

...

12 13 14 15 16

About Us

Advertise

Contribute

Editorial Advisory Board

Privacy

Terms and Conditions

Do Not Sell My Information

Contact Info

2 Commerce Drive
Cranbury, NJ 08512

609-716-7777