New HIPAA Privacy Rule Guidance

Client Alert | less than 1 min read | 12.04.02

The Department of Health and Human Services' Office of Civil Rights (OCR) has released a 100+ page guidance document on the HIPAA Privacy Rule. The guidance document discusses a broad array of topics in a Q&A format. OCR is the agency responsible for enforcing the Privacy Rule, so this guidance provides useful insight about the government's approach to some of the Privacy Rule's "hot topics". For example, OCR states that physicians with hospital staff privileges need not enter into business associate contracts with the hospital, because joint physician-hospital activities fall under the definition of "organized health care arrangement".

Insights

Client Alert | 4 min read | 01.07.26

FDA Request for Information Signals New Path for VC Firms and their Portfolio Companies in Federal Contracting

On December 17, 2025, the U.S. Food and Drug Administration (FDA) issued a request for information (RFI) on a proposal designed to help the FDA engage more directly with innovative, venture-backed companies focused on biotechnology, medical devices, AI, and regulatory technology.[i]The RFI includes 19 questions, with responses due by 2:00 p.m. ET on January 18, 2026....

Client Alert | 3 min read | 01.07.26
CMMC for AI? Defense Policy Law Imposes AI Security Framework and Requirements on Contractors
Client Alert | 3 min read | 01.07.26
New Year, Same CIPA Uncertainty – When Will the Appellate Courts Enter the Chat?
Client Alert | 11 min read | 01.07.26
The Month in International Trade – December 2025

View All Insights