New HIPAA Privacy Rule Guidance

Client Alert | less than 1 min read | 12.04.02

The Department of Health and Human Services' Office of Civil Rights (OCR) has released a 100+ page guidance document on the HIPAA Privacy Rule. The guidance document discusses a broad array of topics in a Q&A format. OCR is the agency responsible for enforcing the Privacy Rule, so this guidance provides useful insight about the government's approach to some of the Privacy Rule's "hot topics". For example, OCR states that physicians with hospital staff privileges need not enter into business associate contracts with the hospital, because joint physician-hospital activities fall under the definition of "organized health care arrangement".

Insights

Client Alert | 3 min read | 05.14.26

CISA’s “CI Fortify” Initiative Signals New Expectations for Critical Infrastructure Resilience: What Operators and Vendors Need to Know

On May 5, 2026, CISA announced CI Fortify — an initiative directing critical infrastructure owners and operators to prepare for geopolitical conflict in which OT networks are actively targeted while communications infrastructure is simultaneously degraded....

Client Alert | 4 min read | 05.14.26
No-Fly Zones for Drones: FAA Proposes New Rules Over Critical Infrastructure
Client Alert | 2 min read | 05.14.26
Proposed DFARS Rule Could Require Disclosures and Mitigation Related to Foreign Ownership, Control, and Influence (FOCI) on Certain Unclassified Contracts
Client Alert | 4 min read | 05.14.26
Supply Chain Disruption – Again

View All Insights