Andrew Elbon

Andrew Elbon practices in the areas of employee benefits and executive compensation and provides counsel to clients on the HIPAA privacy and security regulations and the HITECH Act as they apply to group health plans and other covered entities and business associates.

Follow:

HHS’s Proposed Security Rule Updates Could Require Group Health Plan Document Changes and New Plan Sponsor Security Practices

By Andrew Elbon & Samuel Adams on January 30, 2025

Posted in Data Security, HIPAA / Electronic Health Information, U.S. Department of Health and Human Services (HHS)

Proposed regulations may require employers to invest additional resources to safeguard group health plan participants’ protected health information.

In this installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we will explore the impact the NPRM…

DoDIG Audit of Controlled Unclassified Information (CUI) Program: Findings and Next Steps for Contractors

By Nathaniel J. Greeson & Andrew Elbon on June 23, 2023

Posted in Cybersecurity, Data Collection, Data Security, Vendor Management

The Department of Defense Inspector General (DoDIG) recently released its “Audit of the DoD’s Implementation and Oversight of the Controlled Unclassified Information [CUI] Program” (DODIG-2023-078). The audit highlights some of DoD’s challenges in implementing the CUI Program and provides recommendations on how to make the program work better. The DoD’s response to the…

Online and On Point

Andrew Elbon

HHS’s Proposed Security Rule Updates Could Require Group Health Plan Document Changes and New Plan Sponsor Security Practices

Proposed regulations may require employers to invest additional resources to safeguard group health plan participants’ protected health information.

DoDIG Audit of Controlled Unclassified Information (CUI) Program: Findings and Next Steps for Contractors

About Our Firm