When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
What larger healthcare goals are fueling the proposed revisions to AKS and Stark? What safe harbors and exceptions are introduced in the proposed rules? And what would the potentially transformational changes mean for...more
On October 9, 2019, the U.S. Department of Health and Human Services (HHS) and the Centers for Medicare & Medicaid Services (CMS) simultaneously released a set of proposed rules (the “Proposed Rules”) that, among other...more
On Feb. 11, 2019, two Department of Health and Human Services (HHS) agencies, the Office of the National Coordinator for Health Information Technology (ONC) and the Centers for Medicare and Medicaid Services (CMS), released...more
Ebola has recently been the source of much concern, and health care providers and hospitals are taking steps to prepare themselves for the possibility of treating patients with Ebola. In addition to all of the medical...more
In the wake of the recent Ebola cases, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has issued a new bulletin reminding HIPAA-covered entities and their business associates that the...more
This week, the Privacy and Security Workgroup within the Health IT Policy Committee was tasked by the U.S. Department of Health and Human Services (“HHS”) to discuss certain patient data protections. Specifically, they were...more
A company named SLC Security, LLC (“SLC”), recently announced that it will begin notifying individuals if it believes it has identified a security breach or vulnerability of a company and it has not received a satisfactory...more
HHS Office of Inspector General (OIG) recently released a report concluding that the entity responsible for overseeing the testing and certification process for electronic health records (EHRs) did not fully ensure that...more
Last year, HHS revised policies and definitions surrounding what constitutes certified EHR technology—required for meaningful use incentive program payment eligibility—from the 2011 Edition criteria to the 2014 Edition...more
The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) settled for the collective amount of $1,975,220 with Concentra Health Services (Concentra) and QCA Health Plan, Inc. (QCA). The settlements stem...more
How should health care companies strengthen their HIPAA compliance programs to manage the risk of a potential FTC investigation? While the U.S. Department of Health and Human Services (HHS) Office for Civil Rights...more
On May 7, 2014, HHS OCR announced a pair of resolution agreements with New York Presbyterian Hospital (NYP) and Columbia University (CU) totaling $4.8 million dollars—the highest settlement amount to date. These resolution...more
How much is the cost of doing nothing when it comes to encryption of sensitive data? In the case of electronic protected health information, about $2 million. Two companies have been hit with fines equaling a total...more
The HHS Office for Civil Rights (OCR) recently presented information about the new look of its Phase 2 audit program. The new audits will look little like the old ones, with OCR conducting the audits itself and focusing on...more
The U.S. Department of Health and Human Services Office for Civil Rights (HHS) recently announced that it had reached an agreement with Skagit County, Washington to settle potential HIPAA violations involving the County...more
On January 31, 2014, the U.S. Department of Health and Human Services ("HHS") Office of Inspector General ("OIG") released its annual work plan. Not surprisingly, issues relating to Electronic Health Records ("EHRs")...more
In the December 27, 2013 edition of the Federal Register, the Office of Inspector General (“OIG”) and Centers for Medicare and Medicaid Services (“CMS”), both within the U.S. Department of Health and Human Services (“HHS”),...more