View Rule

View EO 12866 Meetings Printer-Friendly Version     Download RIN Data in XML

HHS/OCR RIN: 0945-AA22 Publication ID: Spring 2024 
Title: Proposed Modifications to the HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Protected Health Information 
Abstract:

This rule will propose modifications to the Security Standards for the Protection of Electronic Protected Health Information (the Security Rule) under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act). These modifications will improve cybersecurity in the health care sector by strengthening requirements for HIPAA regulated entities to safeguard electronic protected health information to prevent, detect, contain, mitigate, and recover from cybersecurity threats.

 
Agency: Department of Health and Human Services(HHS)  Priority: Section 3(f)(1) Significant 
RIN Status: Previously published in the Unified Agenda Agenda Stage of Rulemaking: Proposed Rule Stage 
Major: Yes  Unfunded Mandates: Undetermined 
CFR Citation: 45 CFR 160    45 CFR 164   
Legal Authority: Health Insurance Portability and Accountability Act of 1996 (HIPAA), sec. 262 (42 U.S.C. 1320d-2)    Health Information Technology for Economic and Clinical Health (HITECH) Act, sec. 13401 (42 U.S.C. 17931)   
Legal Deadline:  None
Timetable:
Action Date FR Cite
NPRM  12/00/2024 
Regulatory Flexibility Analysis Required: Undetermined  Government Levels Affected: Undetermined 
Small Entities Affected: Businesses, Governmental Jurisdictions, Organizations  Federalism: Undetermined 
Included in the Regulatory Plan: Yes 
International Impacts: This regulatory action will be likely to have international trade and investment effects, or otherwise be of international interest.
RIN Data Printed in the FR: No 
Agency Contact:
Marissa Gordon-Nguyen
Senior Advisor for Health Information Privacy, Data, and Cybersecurity Policy
Department of Health and Human Services
Office for Civil Rights
200 Independence Avenue SW,
Washington, DC 20201
Phone:800 368-1019
TDD Phone:800 537-7697
Email: ocrprivacy@hhs.gov