The Department of Health and Human Services, Office for Civil Rights (HHS-OCR) announced on Dec. 1, 2025 its plans to produce a video on the HIPAA Security Rule's risk management implementation requirement. During the video, Nicholas Heesters, Senior Advisor for Cybersecurity for HHS-OCR will present on the following topics:
- HIPAA Security Rule Risk Management requirements
- OCR investigations with potential Risk Management violations
- Risk Management and cybersecurity resources
Heesters will also respond to questions submitted to HHS-OCR for the video.
To have your question addressed in the video, you must submit it to OCRPresents@hhs.gov no later than December 8, 2025. The video is an opportunity for HIPAA covered entities and business associates to better understand risk management implementation requirements in light of HHS-OCR's risk analysis initiative.
HHS-OCR did not give a release date for the video.
/Passle/673b7187983090b59d166389/SearchServiceImages/2025-11-18-15-52-38-759-691c964611052ef2a4d72f26.jpg)
/Passle/673b7187983090b59d166389/SearchServiceImages/2025-11-16-19-12-23-814-691a221734733b14dabb512c.jpg)
/Passle/673b7187983090b59d166389/SearchServiceImages/2025-10-30-15-08-02-979-69037f525e183f94cf08c83b.jpg)
/Passle/673b7187983090b59d166389/SearchServiceImages/2025-10-17-15-19-10-057-68f25e6e2942d5d046cbda72.jpg)