HIPAA Security Rule NPRM – What the 2024 (Proposed) Changes Could Mean for You

This CEU webinar provides a clear and practical overview of the December 2024 Notice of Proposed Rulemaking (NPRM) to update the HIPAA Security Rule. These are not final requirements, but they offer insight into the federal government’s direction as it seeks to modernize healthcare cybersecurity standards for the first time in over 20 years.

This session is designed for compliance professionals, privacy and security officers, and healthcare administrators who want to understand what’s in the proposal and how to prepare for what may come.

Participants will gain clarity on the NPRM’s intent and scope, including proposed updates to risk analysis, authentication, contingency planning, and vendor oversight. The session also addresses growing industry confusion and misinformation surrounding the NPRM.

The webinar will cover:

• The purpose, scope, and status of the NPRM, including how to track its progress
• Proposed changes to administrative, physical, and technical safeguards
• Expectations for documentation and policies, including vendor oversight and Business Associate responsibilities
• HHS’s enforcement priorities and how to avoid premature compliance actions based on misinformation

Attendees will leave with a grounded understanding of what’s proposed, what’s not yet required, and how to stay informed and prepared as the rulemaking process unfolds.

This course is good for 1 CEU.

Date: September 10, 2025

Time: 12:00pm – 1:00pm EST

Speaker – Nancy Ware, CHC

Disclosure: Nancy is employed by Total Medical Compliance.

Nancy Ware is a seasoned Senior HIPAA Compliance Specialist with over 20 years of experience in healthcare compliance, privacy, and security regulations. She has a wealth of experience working with both Covered Entities and Business Associates, navigating the unique requirements each must adhere to under HIPAA. Throughout her career, Nancy has successfully developed compliance programs from the ground up and revitalized existing programs to ensure they meet current regulatory standards.

Continuing Education

Total Medical Compliance is an ADA CERP Recognized Provider.  Total Medical Compliance designates this activity for 1.0 continuing education credits. The entire course must be attended in full; no partial credit will be awarded.

Attendance & Cancellation

Cancellations prior to the last 10 days will be eligible to receive a full refund. Cancellations received within 10 days of the webinar date may transfer their registration to another date. No refunds will be provided.

 ADA CERP is a service of the American Dental Association to assist dental professionals in identifying quality providers of continuing education. ADA CERP does not approve or endorse individual courses or instructors, nor does it imply acceptance of credit hours by boards of dentistry. Concerns or complaints about a CE provider may be directed to the provider or to the Commission of Continuing Education Provider Recognition at ADA .org/CERP.

*We reserve the right to cancel the webinar if there are not enough attendees.