CHA News

HHS Seeks Comments on Cybersecurity Practices and HIPAA Penalties

For privacy officers, legal counsel

This post has been archived and contains information that may be out of date.

The Department of Health and Human Services Office of Civil Rights has issued a request for information on the security practices of covered entities and its determinations on fines, audits, and remedies to resolve potential violations of the 1996 HIPAA Security Rule.  

The Office of Civil Rights seeks responses to 30 specific questions, which will be used to inform future rulemaking. Comments on the request for information are due by June 6.