HHS Restructuring and New Enforcement Signal Increased Focus on Privacy, Security, and Health Plans

Staff Editor 2026-06-05
HHS Restructuring and New Enforcement Signal Increased Focus on Privacy, Security, and Health Plans

HHS Restructuring and New Enforcement Signal Increased Focus on Privacy, Security, and Health Plans

https://ogletree.com/insights-resources/blog-posts/hhs-restructuring-and-new-enforcement-signal-increased-focus-on-privacy-security-and-health-plans

Publish Date: 2026-06-05 18:12:00

Source Domain: ogletree.com

Quick Hits

  • OCR will be divided into three divisions: the Conscience and Religious Freedom Division, the Civil Rights Division, and the Health Information Privacy, Data, and Cybersecurity Division.
  • HHS and plan sponsor Star Group (SG) reached an agreement to resolve alleged HIPAA violations related to Star Group’s health plan, imposing $245,000 in fines and an extensive corrective action plan.
  • The two-year corrective action plan will require the health plan to conduct a comprehensive HIPAA data security risk analysis, update training materials, and make annual reports to HHS.
  • This enforcement action emphasizes the need for employers to prioritize security measures for health plan protected health information (PHI) and electronic protected health information (ePHI), as ransomware incidents can trigger government scrutiny and potential penalties under HIPAA.

OCR Restructuring

In announcing the restructuring, HHS stated that the new structure would prioritize and reorganize enforcement efforts related to health information privacy and security by establishing a separate, dedicated division of its OCR as one of OCR’s three divisions: (1) the Conscience and Religious Freedom Division; (2) the Civil Rights Division; and (3) the Health Information Privacy, Data, and Cybersecurity Division.

According to a statement from OCR Director Paula M. Stannard, each new OCR division will have a team with “subject-matter expertise and distinct senior executive leadership” dedicated to enforcing HIPAA. Director Stannard further stated that the new structure “rightly prioritizes civil rights and conscience and religious freedom alongside health information privacy and security.”

In particular, this change will enable OCR to address its civil rights protections, specifically “to advance the protection of conscience rights, address race-based discrimination in a color-blind manner, eradicate antisemitism and anti-Christian bias, and restore…

Source

More Stories

AI Governance Expectations on the Rise for Insurers Amid New Regulatory Activity

AI Governance Expectations on the Rise for Insurers Amid New Regulatory Activity

Staff Editor 2026-06-05
Trump mandates military AI use while emphasizing oversight and privacy

Trump mandates military AI use while emphasizing oversight and privacy

Staff Editor 2026-06-05
Ill. Class Gets Cert. In Apple Photos Biometric Privacy Suit

Ill. Class Gets Cert. In Apple Photos Biometric Privacy Suit

Staff Editor 2026-06-05

Terms and Conditions - Privacy Policy