Back to School: 3 Essential Employee Trainings
A Sneak Peek into Data Mapping: What Implementation Really Looks Like
Safeguard your Business: Dinsmore's Craig Horbus on Combatting the Rising Threat of ACH Fraud
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
It's Time to Think About Data Mapping Differently
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
On April 17, 2024, Nebraska Governor Jim Pillen signed the Nebraska Data Privacy Act (the "Act"), which takes effect on January 1, 2025. The Act maps in large part to the Texas Data Privacy and Security Act. Like Texas, the...more
On April 16, 2024, the U.S. Department of Health and Human Services (HHS) finalized a rule modifying the Confidentiality of Substance Use Disorder (SUD) Patient Records (the Final Rule) codified at 42 C.F.R. Part 2 (Part 2)....more
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has, as part of its mandate, the responsibility to enforce the Health Insurance Portability and Accountability Act (HIPAA) Security Rule....more
On February 8, 2024, the Department of Health and Human Services (HHS) posted a final rule that aims to align 42 CFR Part 2 (Part 2) — which protects certain substance abuse disorder (SUD) records — with the Health Insurance...more
The plaintiff’s bar continues to bring new wiretapping claims over pixels and analytics programs in courts around the country, including against hospitals and other entities covered by the Health Insurance Portability and...more
Texas, long lauded as one of the most “business-friendly” states, has passed a comprehensive privacy law that will bring new regulations to consumer personal data. The new Texas Data Privacy and Security Act (“TDPSA”), H.B....more
Report on Patient Privacy Volume 22, Number 11. (November 2022) Nearly five years passed from the time the University of Texas MD Anderson Cancer Center reported to the HHS Office for Civil Rights (OCR) that three...more
Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more
Sponsors of clinical trials in the United States have a regulatory responsibility under 21 CFR Part 312.50 to monitor the progress of clinical studies. Historically, Sponsors performed in-person monitoring visits of every...more
Is your business one that has not prioritized compliance with data privacy laws because you do not collect personal data about your customers? If so, you are in good company, but it is time to reframe your approach on data...more
The California Consumer Privacy Act (CCPA), considered one of the most expansive U.S. privacy laws to date, went into effect on January 1, 2020. The CCPA placed significant limitations on the collection and sale of a...more
On January 1, 2023, the Virginia Consumer Data Protection Act (VCDPA) will go into effect. With passage of the law earlier this year, Virginia joined Colorado and California as the only states to enact comprehensive privacy...more
On October 1, 2021, two Acts overhauling data privacy and cybersecurity in Connecticut took effect—the latest instance of stronger state breach reporting requirements with a safe harbor protection from litigation for...more
At the close of Connecticut’s 2021 legislative session, a pair of data protection/cybersecurity related bills made their way to Governor Ned Lamont’s desk, while a CCPA-like omnibus privacy law falling one floor vote short. ...more
State legislatures across the nation are prioritizing privacy and security matters, and Connecticut is no exception. This week, Connecticut Attorney General William Tong announced the passage of An Act Concerning Data Privacy...more
The Health Insurance Portability and Accountability Act (HIPAA) has been the subject of several major developments already in 2021. Healthcare providers, health plans, healthcare clearinghouses, and business associates...more
The HHS Office for Civil Rights released, at the end of last year, findings from audits it conducted in 2016 and 2017 of 166 covered entities and 41 business associates. The report represents the periodic audit that the...more
A year full of firsts, 2020 introduced a number of new consumer data privacy protection laws. While the California Consumer Privacy Act (CCPA) is one of the most well-known, other states have also adopted their own privacy...more
Our Virtual Regional Healthcare Compliance Conferences provide updates on the latest news in regulatory requirement, compliance enforcement, and strategies to develop effective compliance programs. Watch, listen, and ask...more
Recently we wrote about two amendments to the California Consumer Privacy Act of 2018 (CCPA) that were awaiting signature on Governor Newsom’s desk: AB 1281 – which extends the one-year exemptions for employee information and...more
On January 1, 2020 California Consumer Privacy Act (“CCPA”) largely came into effect, albeit with several last-minute modifications and a need to promulgate regulations. ...more
Privacy issues implicate several Bankruptcy Code sections and Bankruptcy Rules. The debtor must also comply with non-bankruptcy rules concerning privacy to the extent that such rules are not inconsistent with the Bankruptcy...more
The U.S. Department of Health and Human Services recently released a notice of enforcement discretion announcing changes in how the agency will assess civil monetary penalties for violations of the Health Insurance...more
According to a recent survey of cybersecurity professionals by AT&T Cybersecurity entitled “Confidence: the perception and reality of cybersecurity threats,” phishing and cloud security threats are keeping them up at night. ...more