• Mon - Fri: 8am - 6pm ET
  • support@compliancebeacon.com
  • +1 (814) 343-0717

The 2025 Proposed HIPAA Security Rule: What Providers Need to Know

Jul 15, 2025
60 Mins
Adam H. Laughton
Adam H. Laughton

The HIPAA Security Rule has remained largely unchanged for over 15 years. In the final days of the Biden Administration, the Office for Civil Rights (OCR) issued a proposed rule to significantly revise and modernize the Security Rule. This update responds to growing cybersecurity threats—such as ransomware, hacking, and other forms of data breaches—and aims to align compliance standards with current technological realities. The proposed changes impose more stringent and specific requirements on covered entities and business associates to safeguard electronic protected health information (ePHI).

Webinar Objectives

This program is designed to help attorneys, compliance professionals, and technology advisors better support healthcare providers and organizations in understanding and meeting the expanded requirements of the proposed HIPAA Security Rule. Attendees will gain insights into key changes, practical compliance strategies, and how to prepare for increased enforcement activity in this evolving regulatory landscape.

Webinar Agenda

·  Introduction & Background

  • History and purpose of the HIPAA Security Rule
  • Key terminology and foundational principles

·  Overview of the Proposed Revisions

  • Summary of significant changes
  • Key areas of enhanced compliance obligations
  • Updates to risk analysis and risk management expectations

·  Addressing Modern Threats and Technologies

  • Cybersecurity risks: ransomware, phishing, unauthorized access
  • Incorporating new standards for encryption, authentication, and system monitoring

·  Operational Impacts and Common Compliance Challenges

  • Real-world examples of vulnerabilities and enforcement actions
  • Practical tips for policy updates, training, and incident response

·  Next Steps and Resources

  • Preparing for the final rule and potential implementation timeline
  • Tools, templates, and references for ongoing compliance
  • Live Q&A and discussion
Webinar Highlights
  • Prepare attendees to meet the new, strengthened risk analysis requirements, including the mandated development of a technology asset inventory and a detailed network map.
  • Identify updated requirements for HIPAA compliance audits and what organizations must do to stay audit-ready.
  • Discuss new provisions for emergency preparedness and contingency planning, emphasizing enhanced expectations for continuity and recovery.
  • Explain the elimination of the “required” vs. “addressable” distinction, and how this change significantly raises the bar for compliance.
  • Describe new mandates for encryption and multi-factor authentication (MFA) to secure access and protect electronic protected health information (ePHI).
Who Should Attend

Attorneys, in-house counsel, Privacy officers, Security officers

Adam H. Laughton

Adam H. Laughton guides health care providers and other parties through the complexities of health care transactions, including inevitable regulatory questions, licensing, payor enrollment and many other issues. Adam has handled transactions involving a wide variety of providers and facilities, including hospitals, ambulatory surgery centers, behavioral health providers and freestanding emergency rooms, as well as physician practices and other entrepreneurs in the health care space. These transactions have included deals as large as $1 billion, and are located in a wide variety of locations around the United States.

Adam’s experience also includes regulatory and compliance matters, such as HIPAA, Stark/Anti-Kickback, False Claims Act, and state law issues. He advises businesses on corporate and transactional matters ranging from reorganizations and mergers to the development of complex organizational and contractual structures and joint ventures. Adam has advised companies in many stages of their lifecycle on both regulatory and transactional issues, including start-up companies utilizing machine learning and artificial intelligence regarding applications of HIPAA to their operations.

As part of his work with health care providers and in conjunction with his transactional and regulatory work, Adam assists providers with internal investigations of compliance matters, including False Claims Act investigations and Stark self-disclosures to the OIG. Adam has worked with providers dealing with payor audits and other reimbursement issues, including Medicare appeals and No Surprises Act disputes.

Related Webinars

Recorded Webinar -

Do’s and Don’ts When Dealing with a Medical Record Audit

Read More

Live Webinar -

Healthcare Enforcement 2025 Update: Stark, Anti-Kickback and False Claims Act

Read More

Quick Link

About Us Contact Us Privacy Policy Terms & Condition Packages

Quick Link

Fulfillment & Delivery Policy Custom Trainings Join our Mailing List Online Registration Refunds and Cancellations CompliancEducator

Contact

567 Oaklynn Ct, TB, Pittsburgh, PA 15220

+1 (814) 343-0717

support@compliancebeacon.com

100% Money Back Guaranteed

Newsletter

Subscribe to our newsletter for information on latest changes and compliance updates

Copyright © 2025, Compliance Beacon | All Rights Reserved.
SSL Secure Connection DMCA Paypal Stripe Ach Check