The Department of Health and Human Services, Office for Civil Rights (HHS-OCR) announced on Dec. 1, 2025 its plans to produce a video on the HIPAA Security Rule's risk management implementation requirement. During the video, Nicholas Heesters, Senior Advisor for Cybersecurity for HHS-OCR will present on the following topics:
- HIPAA Security Rule Risk Management requirements
- OCR investigations with potential Risk Management violations
- Risk Management and cybersecurity resources
Heesters will also respond to questions submitted to HHS-OCR for the video.
To have your question addressed in the video, you must submit it to [email protected] no later than December 8, 2025. The video is an opportunity for HIPAA covered entities and business associates to better understand risk management implementation requirements in light of HHS-OCR's risk analysis initiative.
HHS-OCR did not give a release date for the video.
/Passle/673b7187983090b59d166389/SearchServiceImages/2026-06-15-21-50-47-602-6a3073b7705a1110f2c9a41d.jpg)
/Passle/673b7187983090b59d166389/SearchServiceImages/2026-06-08-21-15-16-530-6a2730e42331b443af096bc5.jpg)
/Passle/673b7187983090b59d166389/SearchServiceImages/2026-06-05-20-13-52-004-6a232e00d05653fa28ef38da.jpg)
/Passle/673b7187983090b59d166389/SearchServiceImages/2026-05-28-19-32-55-166-6a189867fc4d48c37d3bb66f.jpg)