Photo of Andrew Elbon

Andrew Elbon practices in the areas of employee benefits and executive compensation and provides counsel to clients on the HIPAA privacy and security regulations and the HITECH Act as they apply to group health plans and other covered entities and business associates.

Proposed regulations may require employers to invest additional resources to safeguard group health plan participants’ protected health information.

In this installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we will explore the impact the NPRM

The Department of Defense Inspector General (DoDIG) recently released its “Audit of the DoD’s Implementation and Oversight of the Controlled Unclassified Information [CUI] Program” (DODIG-2023-078). The audit highlights some of DoD’s challenges in implementing the CUI Program and provides recommendations on how to make the program work better. The DoD’s response to the