Verisma
Compliance & Regulatory
Resources
Compliance & Regulatory Roundtable
Join us May 13, 2026 for a special interactive discussion on current regulatory topics. Seats are limited, so register today!
Regulatory Brief: Proposed Rule to Support Reproductive Health Privacy (April 2023)
Following the Supreme Court decision in Dobbs, President Biden directed that the Department of Health and Human Services (HHS) and the Federal Trade Commission review existing laws and regulations for opportunities to further bolster reproductive healthcare. This regulatory brief explains the April 2023 NPRM that was released as part of this initiative.
HIPAA vs. HITECH vs. Cures Act: A Fragmented Regulatory Landscape
The healthcare privacy landscape in the U.S. is fragmented, lacking a universal law and relying on a patchwork of federal and state regulations overseen by multiple agencies. This whitepaper sheds light on federal privacy laws, patient access regulations, and how the existing patchwork fails to offer comprehensive patient privacy protections.
5 Common “Tells” of a Fraudulent Request
Fraudulent requests are a growing concern with far-reaching risks, from compromising sensitive patient data to violating privacy regulations and facing potential legal consequences. We compiled a list of “red flags” for the HI community as a reference to identify and stop these attacks.
Sign up to Receive Compliance & Regulatory Updates
In the News
May 7, 2026
Ready, Set, Go: Implementation of Medicaid Work Requirements is on its Way
McDermott+ | The One Big Beautiful Bill Act (OBBBA) requires states to implement Medicaid work requirements by January 1, 2027. States must verify that enrollees meet work, education or community engagement requirements, while exemptions apply for groups such as pregnant individuals, caregivers and those deemed “medically frail.” CMS is expected to release an interim final rule by June 1, 2026, which will clarify key implementation details, including how exemptions and compliance verification will work.
May 7, 2026
CISA Launches Critical Infrastructure Cyber Resilience Initiative
TechTarget | The Cybersecurity and Infrastructure Security Agency has launched a new initiative, CI Fortify, aimed at helping critical infrastructure entities maintain continuity of key services during a cyberattack. CISA urged critical infrastructure organizations, such as healthcare organizations, to develop isolation and recovery capabilities immediately, if they have not already.
April 24, 2026
AHA Calls for TEFCA Individual Access SOP Delay, Citing Patient Privacy Concerns
TechTarget | The American Hospital Association published a letter to The Sequoia Project asking it to delay implementation of the TEFCA Individual Access Services Exchange Purpose Standard Operating Procedures version 3.0. The association cited patient privacy concerns, saying it could expose hospitals to data breaches and patient misidentification.
April 21, 2026
Behavioral Health Data Exchange Challenges Impede Interoperability, Says ONC
Healthcare IT News | Technical barriers, workforce limitation, privacy concerns and cost may all contribute to lower rates of electronic exchange of health information by mental health and substance abuse treatment facilities, a new analysis shows.
April 10, 2026
Proposed CMS Rule Would Set Prior Auth Deadlines for Drugs
Fierce Healthcare | The Centers for Medicare & Medicaid Services proposed a rule to overhaul pharmaceutical prior authorization by requiring insurers to make decisions within 24 hours for urgent requests and 72 hours for standard ones. The rule would also mandate public reporting on approval rates, denials, appeals, and decision timelines to increase transparency.
Need a roadmap to maintain compliance?
Regulatory Links
HIPAA – HHS Offices for Civil Rights (OCR) and the National Coordinator for Health Information Technology (ONC)
Individuals’ Right under HIPAA to Access their Health Information 45 CFR 164.524
Patient Access to Health Records
Information Related to Mental and Behavioral Health, including Opioid Overdose
Frequently asked HIPAA questions
