PrivacySignal
Healthcare

HIPAA Security Rule Update Postponed: More Time Given to Implement Major HIPAA Security Rule Changes

HIPAA Journal · · US Federal · Healthcare Privacy

Federal regulators have extended the timeline for HIPAA-regulated entities to comply with proposed updates to the HIPAA Security Rule, giving covered organizations additional time to prepare for the changes. The postponement applies broadly to entities subject to HIPAA, including healthcare providers, insurers, and their business associates.

Why this matters: Health data is some of the most sensitive information that exists about you. The HIPAA Security Rule is supposed to set the floor for how organizations protect it. A delay in tightening those rules means more time where healthcare providers, insurers, and their vendors can continue operating under older, weaker standards. That may feel like relief for compliance teams. For patients, it means the clock on better protections keeps running without moving. The question is whether the delay serves organizations that genuinely need time to adapt, or ones that were hoping the pressure would just go away.

Who should care: Healthcare professionals · Privacy officers · Compliance · Lawyers

This summary is AI-assisted and may contain errors. It is an original briefing to help you gauge significance quickly — not a reproduction of the source. Always read the linked original before relying on it. See our methodology.

Related stories

Healthcare
HIPAA Journal · · US Federal

Small Practice Owners Guide to HIPAA Compliance Programs

A guide from The HIPAA Journal addresses how small medical practice owners bear direct legal responsibility for HIPAA compliance, even when routine compliance tasks are delegated to staff or third parties. The piece outlines how that personal accountability shapes what a functioning compliance program needs to look like.

Who should care: Healthcare professionals · Privacy officers · Compliance · Lawyers

#healthcare#regulation Read original →
Healthcare
HIPAA Journal · · US Federal

AdaptHealth Reports Material Cybersecurity Incident and Theft of Patient Data

AdaptHealth, a publicly traded home medical equipment and supplies company, has disclosed a cybersecurity incident it has classified as material, involving the theft of patient data. The breach affects customers who rely on the company for home health products including diabetes supplies and sleep therapy equipment.

Who should care: Healthcare professionals · Privacy officers · Compliance

#healthcare Read original →
Healthcare
HIPAA Journal · · US Federal

Delaware & Florida Women’s Health Centers Announce Data Breaches

Two women's health clinics — one in Delaware, one in Florida — have disclosed separate data breach incidents involving unauthorized access to or retention of patient information. Both providers are covered under HIPAA, which governs the handling of sensitive health data.

Who should care: Healthcare professionals · Privacy officers · Compliance

#healthcare Read original →
Healthcare
HIPAA Journal · · US Federal

ClickFix Social Engineering Technique is the Leading Method for Malware Delivery

The ClickFix social engineering technique is the leading method of malware delivery, according to an analysis by researchers at ReliaQuest. […] The post ClickFix Social Engineering Technique is the Leading Method for Malware Delivery appeared first on The HIPAA Journal.

Who should care: Healthcare professionals · Privacy officers · Compliance

#healthcare#security Read original →
Healthcare
HIPAA Journal · · US Federal

Building a HIPAA Compliance Program as a Dental Office Manager

A guide aimed at dental office managers outlines the steps involved in building a HIPAA compliance program, starting with identifying how protected health information flows through a dental practice. The piece walks through the practical groundwork required to meet federal privacy and security requirements in a clinical office setting.

Who should care: Healthcare professionals · Privacy officers · Compliance · Lawyers

#healthcare#regulation Read original →