The U.S. Department of Health and Human Services’ Office for Civil Rights issued new guidance for “recognized security practices” for enforcing the Health Insurance Portability and Accountability Act, InfoSecurity reports. The guidance clarifies a 2021 rule added into the Health Information Technology for Economic and Clinical Health Act of 2009 which required OCR to evaluate “regulated entities’ implementation of ‘recognized security practices’" over the prior year “when the agency makes certain HIPAA enforcement determinations.”
OCR creates new guidance for HIPAA 'recognized security practices'
Related stories
Privacy in the age of robotics: A discussion with Erin Relford
GPS 2025: Sam Altman, Alex Blania discuss Tools for Humanity's biometric technology
Notes from the IAPP Canada: An evolving approach to privacy amid geopolitical shifts
GPS 2025: European regulators reflect on pay or consent enforcement, concerns
GPS 2025: Collaboration, precision highlight future of US state privacy law enforcement
