Skip to main content

New Resource Guide Released for HIPAA Security Rule

February 22, 2024

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and the National Institutes of Standards and Technology (NIST) published a new resource guide for implementation of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule.

This guide is organized to address each measure of the HIPAA Security Rule and, for each, provides key activities, elaborated description, and sample questions for covered entities and business associates to consider when implementing these requirements. With consistent cyberattacks on the health care industry, this guide provides a solid framework for health care organizations and their business associates to assess and improve security measures to protect organizations and patient information.

This blog was drafted by Stacy Harper, an attorney in the Spencer Fane Overland Park, Kansas office. For more information, visit