NIST HIPAA Security Rule Guidance
Client Alert | less than 1 min read | 12.04.08
The Department of Commerce's National Institute of Standards and Technology has published a set of detailed guidance materials to serve as a framework for complying with the HIPAA security rules. The guidance includes checklists for compliance requirements, a glossary, cross references to standards and definitions, and a table of prior NIST published standards on security in various types of situations. Click here to download "An Introductory Resource Guide for Implementing the Health Insurance Portability and Accoutability Act (HIPAA) Security Rule" [PDF] from csrc.nist.gov.
Insights
Client Alert | 13 min read | 06.12.26
The EU Cyber Resilience Act (CRA) is an EU product cybersecurity law for connected products (formally, “products with digital elements” under the CRA) commercialized in the EU; it entered into force on 10 December 2024, with direct application across the EU. Full application begins 11 December 2027, but one of its most operationally demanding provisions takes effect in just under 100 days, on 11 September 2026: the mandatory vulnerability and incident reporting under Article 14 CRA.
Client Alert | 6 min read | 06.11.26
CMS Announces New Medicaid Eligibility Requirements: Implications for Managed Care Plans
Client Alert | 7 min read | 06.11.26
Qatar Rewrites the Playbook: What the New Public M&A Rules Mean for Market Participants
Client Alert | 2 min read | 06.11.26
Synthetic Performers, Real Consequences: Implications of Trailblazing New York AI Ad Law
