Happy 2025: OCR Proposes Sweeping HIPAA Security Rule Amendments

By Cynthia J. Larose

In response to an alarming increase in the size and frequency of large-scale data breaches involving protected health information, the U.S. Department of Health & Human Services Office for Civil Rights (OCR) dropped a bit of a year-end bombshell:  proposed HIPAA Security Rule amendments, currently available here.

The proposal – which represents a major revision to the Security Rule --  aims to strengthen the Security Rule in order to combat this data breach trend.  New requirements will apply to covered entities and their business associates alike, as the Security Rule applies equally to covered entities and business associates.  You can read more about the proposal on our Health Law Matters blog:

https://www.mintz.com/insights-center/viewpoints/52541/2024-12-30-ocr-proposes-sweeping-hipaa-security-rule-amendments

Subscribe To Viewpoints

Published

    • Viewpoint Topics

  • Privacy & Cybersecurity

    • Related Practices

  • Privacy & Cybersecurity

    • Author

    Cynthia J. Larose

    Cynthia J. Larose

    Member / Co-Chair, Privacy & Cybersecurity Practice

    Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.