Beyond HIPAA: Navigating the ‘more stringent’ standard
In light of the February 16, 2026, deadline for covered entities to update their notice of privacy practices (NPP), covered entities should consider “more stringent” state laws that may apply to these updated forms and require compliance. The federal Health Insurance Portability and Accountability Act (HIPAA) privacy rule sets the floor for privacy protections and individuals’ rights when it comes to their individually identifiable health information but allows for states to enact stronger or more stringent requirements regarding the privacy of patient health information.
Employers’ obligations
When federal law sets the ground floor for compliance and allows states to set more demanding requirements—as is the case with HIPAA—it’s commonly known as “floor preemption.” So, HIPAA leaves the door open for state law to impose more demanding standards in certain circumstances. (This stands in contrast to “ceiling preemption,” when federal law sets the maximum standards and precludes any more restrictive—or differently restrictive—state laws from having effect.)