The Department of Health and Human Services, Office for Civil Rights (HHS-OCR) announced on Dec. 1, 2025 its plans to produce a video on the HIPAA Security Rule's risk management implementation requirement. During the video, Nicholas Heesters, Senior Advisor for Cybersecurity for HHS-OCR will present on the following topics:
- HIPAA Security Rule Risk Management requirements
- OCR investigations with potential Risk Management violations
- Risk Management and cybersecurity resources
Heesters will also respond to questions submitted to HHS-OCR for the video.
To have your question addressed in the video, you must submit it to [email protected] no later than December 8, 2025. The video is an opportunity for HIPAA covered entities and business associates to better understand risk management implementation requirements in light of HHS-OCR's risk analysis initiative.
HHS-OCR did not give a release date for the video.
/Passle/673b7187983090b59d166389/SearchServiceImages/2026-06-05-20-13-52-004-6a232e00d05653fa28ef38da.jpg)
/Passle/673b7187983090b59d166389/SearchServiceImages/2026-05-28-19-32-55-166-6a189867fc4d48c37d3bb66f.jpg)
/Passle/673b7187983090b59d166389/SearchServiceImages/2026-05-19-19-23-47-934-6a0cb8c3af2107cbee0387b8.jpg)
/Passle/673b7187983090b59d166389/SearchServiceImages/2026-05-19-15-04-04-310-6a0c7be4253f7e4113f0839c.jpg)