On-Demand Webinar
Get Ready for HIPAA's Biggest Rule Change
The proposed HIPAA Security Rule update would overhaul ePHI security requirements across the board. This webinar prepares you to act quickly if, and when, the rule becomes final.
The HIPAA Rules Are About to Change.
The HIPAA Security Rule hasn’t been significantly updated since 2013. The 2025 Notice of Proposed Rulemaking would end that; requiring mandatory encryption of all ePHI, multi-factor authentication at every access point, structured testing timelines, and annual compliance audits.
The rule is not yet final. But the compliance work required to meet it is not insignificant, and organizations that wait for finalization before preparing might be left scrambling. Watch the webinar to learn from Drummond experts who have completed over 220 HIPAA assessments across covered entities, business associates, and health IT organizations.
Prepare Now So You Can Move Fast Later
This webinar gives compliance officers, CISOs, and IT leaders a practical head start, built around the most likely final rule requirements.
- Understand which proposed changes are most likely to survive into a final rule — and which face the strongest opposition
- Know the specific technical controls you should start building toward now, regardless of when finalization happens
- Identify where your current program has gaps against the proposed minimum security floor
- Leave with a prioritized action list you can act on immediately
- Understand how parallel congressional activity could affect your compliance obligations
Frequently Asked Questions (FAQs)
Has the HIPAA Security Rule actually been finalized yet?
No — not as of the date this page was published. The 2025 Notice of Proposed Rulemaking is still under review. This webinar covers what the proposed rule requires, which elements are most likely to survive into a final version, and what you can start doing now. The presentation will reflect the rule’s actual status on the day of the event.
Who should attend?
This session is most relevant for compliance officers, CISOs, privacy officers, and IT leaders at covered entities, business associates, and health IT organizations. If your organization creates, receives, maintains, or transmits electronic protected health information, the proposed rule applies to you.
Will a recording be available if I can't join live?
Yes. All registered attendees will receive access to the on-demand recording after the live session.
Does Drummond implement HIPAA controls, or only assess them?
Drummond assesses and validates — we do not implement controls or manage remediation on your behalf. That independence matters: when Drummond validates your compliance, the finding carries no conflict of interest. If you’d like to discuss your current HIPAA posture before or after this webinar, our team offers a no-cost consultation.
How long is the session?
60 minutes.