Federal regulators have more than 1,300 comments to sort through in response to a request for information issued in December about potential changes to the HIPAA rules. Comments submitted to the Department of Health and Human Services run the gamut from sheltering certain organizations from breach-related HIPAA enforcement actions to better aligning other federal privacy regulations with the rules. OCR has not indicated when it plans to issue a proposed rule to modify HIPAA. Of course, such modifications would have a direct impact on the policies that must be carried out by CISOs and chief privacy officers.”]
Source: https://www.cuinfosecurity.com/post-breach-hipaa-enforcement-call-for-safe-harbors-a-12033