The Department of Health and Human Services, Office for Civil Rights (HHS-OCR) announced on Dec. 1, 2025 its plans to produce a video on the HIPAA Security Rule's risk management implementation requirement. During the video, Nicholas Heesters, Senior Advisor for Cybersecurity for HHS-OCR will present on the following topics:
- HIPAA Security Rule Risk Management requirements
- OCR investigations with potential Risk Management violations
- Risk Management and cybersecurity resources
Heesters will also respond to questions submitted to HHS-OCR for the video.
To have your question addressed in the video, you must submit it to OCRPresents@hhs.gov no later than December 8, 2025. The video is an opportunity for HIPAA covered entities and business associates to better understand risk management implementation requirements in light of HHS-OCR's risk analysis initiative.
HHS-OCR did not give a release date for the video.
/Passle/673b7187983090b59d166389/SearchServiceImages/2026-01-20-21-33-02-048-696ff48eaf056dbfb5cd90d9.jpg)
/Passle/673b7187983090b59d166389/SearchServiceImages/2026-01-08-20-42-52-852-696016ccb64556212835f1d4.jpg)
/Passle/673b7187983090b59d166389/SearchServiceImages/2026-01-09-16-55-57-939-6961331dd42b6e4a584114fd.jpg)
/Passle/673b7187983090b59d166389/MediaLibrary/Images/2026-01-09-16-44-16-950-69613060d42b6e4a584104e8.png)