The 2015 HIPAA Security conference held by the National Institute of Standards and Technology (“NIST”) and the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) kicked off last week with OCR’s announcement of a new settlement. In its latest settlement with a small health care provider, OCR emphasized comprehensive risk assessments and securing mobile devices.

This comes on the heels of the recently released NIST draft guide for securing electronic health information on mobile devices. The conference also brought a much anticipated audit update. And newly appointed Deputy Director, Deven McGraw, promised new guidance as early as October (2015).

Continue reading here.