In January 2025, the U.S. Department of Health and Human Services (HHS) proposed significant amendments to the HIPAA Security Rule. These proposed changes aim to strengthen cybersecurity measures protecting electronically protected health information (ePHI) in response to the escalating frequency and sophistication of cyberattacks targeting the healthcare sector.