In a recent interview with an official from the federal Office of Civil Rights (OCR), which enforces HIPAA privacy and security rules, three emerging areas of concern were identified for covered entities. 

Hacking and ransomware continue to be a significant problem for the health-care sectors and covered entities must develop and maintain an incident response plan to deal with these attacks. 

OCR also advised that health-care providers have to be particularly careful when responding to patient complaints on online platforms, if they respond at all. These responses could result in the wrongful disclosure of protected health information of their patients, resulting in significant OCR enforcement actions.  

Finally, HIPAA-covered entities must exercise caution when employing website tracking technologies particularly around business associates agreements and obtaining patient consent.  

Reference

Lewis J. (2023) OCR Official Speaks About Compliance Concerns for HIPAA-Covered Entities and Business Associates JDSUPRA (accessed August 21, 2023).

Share this

Related Posts

State Policy Advocate Network Kicks Off 2026

Wisconsin Bill Seeks to Update Audiology Scope of Practice

Academy Files Rulemaking Petition in Virginia: Public Comment Period Open

Recent Posts

State Policy Advocate Network Kicks Off 2026

The State Policy Advocate Network (SPAN) will hold its first meeting of 2026 on January 28 from 8:00–9:00 pm ET. This opening meeting of the…

Read More

Developmental Timing of Auditory Deprivation Influences Spatial Memory and Hippocampal Plasticity in Rats

Mirsalehi et al. (2025) published a recent article studying auditory deprivation and related changes in spatial memory and hippocampal structure in rats. This study initially…

Read More

Does One Drink Make You Dizzy? Why Alcohol Hits Us Harder as We Age

In the article, “Does one drink make you dizzy? Why alcohol hits us harder as we age,” National Public Radio (NPR) correspondent Maria Godoy discusses…

Read More