• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy, Cyber & Data Strategy Blog

  • Home
  • Services
  • Events
  • Contacts

HITECH

New Law Requires HHS to Consider Recognized Security Practices as Mitigating Factor When Determining Penalties

January 21, 2021 By Privacy, Cyber & Data Strategy Team

On January 5, 2021, the president signed into law H.R. 7898, an Act that amends the Health Information Technology for Economic and Clinical Health (HITECH) Act to require the Secretary of Health and Human Services (HHS) to consider specific recognized security practices of covered entities and business associates when making certain determinations regarding fines, penalties, […]

Filed Under: Data Security, Enforcement, Health Privacy, HHS Tagged With: HHS, HIPAA, HITECH, National Institute for Standards and Technology (NIST)

HHS/OCR Announces Launch of HIPAA Audit Program Phase 2

March 21, 2016 By Privacy, Cyber & Data Strategy Team

Today, the U.S. Department of Health & Human Services’s (HHS) Office for Civil Rights (OCR) announced the launch of Phase 2 of its HIPAA Compliance Audit Program. (OCR’s announcement can be accessed at Audit Phase 2 Announcement and further information about Phase 2 can be accessed at Audit Phase 2 Information.) In this phase, OCR will […]

Filed Under: Advisories, Cybersecurity, Data Breach, Data Security, Enforcement, Health Privacy, Regulation, Security Breach Tagged With: Health Information Privacy, Health Information Security, HIPAA, HIPAA Audit Program, HIPAA Breach Notification Rule, HIPAA Privacy Rule, HIPAA Security Rule, HITECH

HIPAA/HITECH Act Accounting of Disclosures NPRM: Redux?

October 14, 2014 By Privacy, Cyber & Data Strategy Team

In May 2011, the Office for Civil Rights (OCR) of the U.S. Department of Health & Human Services (HHS) issued a proposed rule to modify the HIPAA Privacy Rule’s standard for accounting of disclosures of protected health information (PHI). The proposed rule would have implemented the HITECH Act’s requirement for covered entities and business associates […]

Filed Under: Advisories, Health Privacy Tagged With: HIPAA, HITECH

Alston & Bird Health Care Advisory: HIPAA Audit Program Phase 2 Update

October 2, 2014 By Privacy, Cyber & Data Strategy Team

We have previously blogged about the U.S. Department of Health & Human Services HIPAA Audit Program, including the Audit Program pilot (November 30, 2011 and March 7, 2012), the release of the Office for Civil Rights (OCR) audit protocols (June 26, 2012), and the status of phase 2 of the Audit Program (February 26, 2014 […]

Filed Under: Data Breach, Health Privacy, Security Breach Tagged With: Health Information Security, HIPAA, HITECH

HIPAA Audit Program Phase 2: Delayed

September 16, 2014 By Privacy, Cyber & Data Strategy Team

A representative of the U.S. Department of Health and Human Services’s Office for Civil Rights (OCR) has recently revealed that OCR has delayed the start of phase 2 of its HIPAA Audit Program – and has revised its plans for phase 2. Previous Plans for Phase 2 Earlier this year, OCR had announced that phase […]

Filed Under: Health Privacy, Legislation, Workplace Privacy Tagged With: Health Information Security, HIPAA, HITECH

  • Page 1
  • Page 2
  • Page 3
  • Go to Next Page »

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy, Cyber & Data Strategy team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


RANSOMWARE FUSION CENTER
Click here to request access

THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up

@ALSTONPRIVACY
Click here to follow us on Twitter

Secondary Sidebar

Categories

Recent Posts

  • UK Publishes Software Security Code
  • Texas AG Secures $1.375 Billion from Google: Key Takeaways for Companies Collecting Consumer Data
  • CISA Issues Enhanced Guidance to Mitigate Cyber Threats to Operational Technology Systems
  • CPPA Issues Revised Draft CCPA Regulations; Votes to Initiate Public Comment Period
  • UK Data Protection Regulator Fines UK Law Firm ~$80,000 Following Ransomware Incident
Copyright © 2025 · Alston & Bird · All Rights Reserved. Privacy.
This website uses cookies to improve functionality and performance. By continuing to browse this site, you are consenting to the use of cookies on this website. OkCookie policy