Analyze This: OCR Kicks Off 2025 with Two New HIPAA Enforcement Actions Against Business Associates as Part of New Risk Analysis Initiative

Just two weeks into the year, 2025 is already shaping up to be a busy year for privacy lawyers, especially those tasked with helping covered entities and business associates comply with the HIPAA Security Rule.  As we discussed in our last post, HHS is proposing to overhaul the Security Rule to “clarify and provide more specific instructions” on the protection of Protected Health Information (“PHI”) and impose more robust requirements for assessments, technical and administrative safeguards, and...
By: Wyrick Robbins Yates & Ponton LLP

Array