Name: Get Ready for HIPAA’s Biggest Rule Change
Start: 2026-05-20T12:00:00-04:00
End: 2026-05-20T13:00:00-04:00
Location: Virtual

Live Webinar

Get Ready for HIPAA's Biggest Rule Change

The proposed HIPAA Security Rule update would overhaul ePHI security requirements across the board. This webinar prepares you to act quickly if, and when, the rule becomes final.

The HIPAA Rules Are About to Change.

The HIPAA Security Rule hasn’t been significantly updated since 2013. The 2025 Notice of Proposed Rulemaking would end that; requiring mandatory encryption of all ePHI, multi-factor authentication at every access point, structured testing timelines, and annual compliance audits.

The rule is not yet final. But the compliance work required to meet it is not insignificant, and organizations that wait for finalization before preparing might be left scrambling. Join the webinar to learn from Drummond experts who have completed over 220 HIPAA assessments across covered entities, business associates, and health IT organizations

Prepare Now So You Can Move Fast Later

This webinar gives compliance officers, CISOs, and IT leaders a practical head start, built around the most likely final rule requirements.

Understand which proposed changes are most likely to survive into a final rule — and which face the strongest opposition
Know the specific technical controls you should start building toward now, regardless of when finalization happens
Identify where your current program has gaps against the proposed minimum security floor
Leave with a prioritized action list you can act on immediately
Understand how parallel congressional activity could affect your compliance obligations

The webinar context will be updated to reflect the rule’s actual status on the day of the event.

Who Should Watch

This webinar is designed for health IT developers, compliance and certification teams, payer interoperability specialists, and anyone responsible for FHIR implementation, ePA readiness, or HTI-4 certification planning.

Date and Time: Tuesday, May 20, 2026 | 12:00 PM Eastern

Duration: 60 minutes

Format: Live webinar with on-demand recording available to all registered attendees.

Speaker

Michael Henry
Vice President, Growth Strategy

Session Outline - What You'll Learn

Which proposed rule requirements are most likely to appear in a final rule — and which face the most serious opposition
Why the proposed compliance timeline will almost certainly change, and what that means for your planning horizon
The specific technical controls — encryption, MFA, patching timelines, vulnerability scanning — you can start implementing now without waiting for the final rule
How to identify gaps in your current HIPAA program against the proposed minimum security floor
What the Health Care Cybersecurity and Resiliency Act of 2025 could mean for your obligations if it advances

Please Note: The presentation will be updated to reflect the current status of the rule—proposed or final as of the date of the webinar.

Frequently Asked Questions (FAQs)

Has the HIPAA Security Rule actually been finalized yet?

No — not as of the date this page was published. The 2025 Notice of Proposed Rulemaking is still under review. This webinar covers what the proposed rule requires, which elements are most likely to survive into a final version, and what you can start doing now. The presentation will reflect the rule’s actual status on the day of the event.

Who should attend?

This session is most relevant for compliance officers, CISOs, privacy officers, and IT leaders at covered entities, business associates, and health IT organizations. If your organization creates, receives, maintains, or transmits electronic protected health information, the proposed rule applies to you.

Will a recording be available if I can't join live?

Yes. All registered attendees will receive access to the on-demand recording after the live session.

Does Drummond implement HIPAA controls, or only assess them?

Drummond assesses and validates — we do not implement controls or manage remediation on your behalf. That independence matters: when Drummond validates your compliance, the finding carries no conflict of interest. If you’d like to discuss your current HIPAA posture before or after this webinar, our team offers a no-cost consultation.

How long is the session?

60 minutes.

Don't Wait for the Final Rule to Prepare

The direction of travel is clear. Encryption, MFA, structured testing, and documented incident response are becoming the baseline — through regulation, legislation, or enforcement. This webinar helps you build toward that baseline now, on a timeline you control.

Search

The Hidden Costs of Fast Compliance

Why Both HIPAA and ONC Health IT Certification Matter in Building Trustworthy Digital Health

Supporting Lean Teams: How the Right Partner Simplifies HIPAA Compliance

FHIR Interoperability Expectations Are Escalating

The Importance of Impartial Remediation Support

Hicomply and Drummond Partner to Support North American Compliance Validation

Your Vulnerability Scans Are Leaving Gaps

Why Prior Auth API Certification Matters Now

Why Poor AI Governance Is a Bottom-Line Risk for Healthcare