HIPAA Privacy and Security (UPDATES) 2026

HIPAA Privacy & Security 2026: What Healthcare Compliance Teams Need to Know

HIPAA compliance is evolving as enforcement intensifies and regulatory expectations shift. With updates to privacy, security, and breach reporting on the horizon, 2026 represents a period of adjustment for covered entities and business associates alike. Staying informed now can help your organization interpret changes, understand emerging expectations, and align internal practices with the latest guidance.

This session offers a focused overview of the most relevant HIPAA Privacy and Security updates slated for 2026—covering key revisions, enforcement trends, and practical considerations from real-world case examples. You’ll walk away with a clearer picture of where the regulatory landscape is headed and what areas may merit closer internal review.

Webinar Highlights:

1. Evolving HIPAA Enforcement Priorities

OCR and federal regulators are applying HIPAA and HITECH with renewed focus. Expectations around privacy and security practices, breach documentation, and risk assessment are becoming more explicit—even as formal rule changes proceed.

2. Privacy Rule Clarifications

Updates may refine aspects of patient rights, permitted disclosures, and protected health information (PHI) definitions. Understanding these clarifications supports compliant handling of sensitive health data.

3. Security Rule Trends

Anticipated changes emphasize cybersecurity safeguards, risk management, and practical security expectations for covered entities and business associates. Preparing for modern threats remains central to compliance strategies.

4. Practical Risk Awareness

Case examples of breaches, audit findings, and enforcement outcomes illustrate common risk areas — helping teams prioritize where to refine policies, monitoring, and training.

5. Operational Readiness

While specifics of final rules may continue to evolve, early awareness of trends and guidance allows organizations to refine internal workflows, documentation practices, and compliance oversight before new expectations take effect.

Why Should You Attend:

• Recognize the most common compliance risks and violations.
• Protect your organization from fines through proactive measures.
• Navigate new rules around patient rights, access, and information sharing.
• Understand how patients can now seek cash remedies for violations.
• Apply proven strategies to strengthen your compliance program.

Who Should Attend:

• Practice Managers
• Compliance Officers
• Healthcare Providers
• MDs and Specialists

Business associates working with healthcare organizations, such as

• Billing & Transcription Companies
• IT Service Providers
• Home Health Groups
• Answering Services
• Coders and Attorneys

Speaker:- Brian L Tuttle

Brian L Tuttle, CPHIT, CHP, CBRA, Net+, A+, CCNA, MCP is a Certified Professional in Health IT (CPHIT), Certified HIPAA Professional (CHP), Certified HIPAA Administrator (CHA), Certified Business Resilience Auditor (CBRA), Certified Information Systems Security Professional (CISSP) with over 18 years' experience in Health IT and Compliance Consulting. With vast experience in health IT systems (i.e. practice management, EHR systems, imaging, transcription, medical messaging, etc.) as well as over 18 years’ experience in standard Health IT with multiple certifications and hands-on knowledge, Brian serves as compliance consultant and has conducted onsite and remote risk assessments for over 1000 medical practices, hospitals, health departments, insurance plans, and business associates throughout the United States.

In addition, Mr Tuttle has served in multiple litigated court cases serving as an expert witness offering input related to best practices and requirements for securing and providing patient access to protected health information. Mr. Tuttle has also worked directly with the Office of Civil Rights (OCR) both in defending covered entities and business associates as well as being asked by the Federal government to audit covered entities and business associates on behalf of the OCR. Almost all of Brian’s clients are earned by referral with little or no advertising.