here’s no General Data Protection Regulation (GDPR) in the US. Absent a comprehensive, national privacy law, states have stepped in to fill the gap.
As Adam Greene, Partner at Davis Wright Tremaine, explains in this podcast,...more
Julie Janeway, General Counsel and principal owner, Principled Healthcare Consulting will be speaking about internal and parallel investigations at the 2024 HCCA Compliance Institute. In this podcast she slices off a bit of...more
At the 2024 SCCE European Compliance & Ethics Institute, Segev Shani, Chief Compliance & Regulatory Officer at Neopharm Group will be leading the session “Corporate Use of Third-Party Artificial Intelligence (AI) Tools.”
In...more
While many of the world’s governments are struggling to determine what to do about AI, Brazil already has a track history in this area. As Maria Victoria Mota, Corporate Attorney at Viapol (a subsidiary of RPM), explains in...more
First there was Safe Harbor, then there was Privacy Shield, both of which were struck down, leaving an enormous chasm in the rules for sharing data between the EU and the US. Now, explains, André Bywater, Partner at UK-based...more
The excitement over Artificial Intelligence (AI) is often met with concerns about its negative potential. That’s especially true in healthcare where the potential gains are met by the principled and practical requirements of...more
These days, the term “blockchain” is no longer novel. Yet, many still struggle to understand what exactly it is and what implications, if any, it may have for a compliance program.
Segev Shani, Chief Compliance & Regulatory...more
For all the talk of tone at the top, the reality is that few employees report to the top. Virtually all report to a manager somewhere in the middle, and it’s the tone that leader sets that is often most important.
Susan Du...more
Having all the privacy policies and procedures in place is one thing. Having them practiced is another, and that’s where a privacy walk-through comes into play.
Jan Elezian, Director Healthcare Provider Practice, Revenue...more
Hybrid work is likely here to say, and, as Sheila Limmroth, privacy specialist at DCH Health System, and the author of the chapter Hybrid Work Environment in the Complete Healthcare Compliance Manual observes in this...more
4/21/2022
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare Workers ,
HIPAA Privacy Rule ,
HIPAA Security Rule ,
Home Offices ,
Mobile Device Management ,
Multi-Factor Authentication ,
Network Security ,
Passwords ,
Personally Identifiable Information ,
PHI ,
Phishing Scams ,
Policies and Procedures ,
Remote Working ,
Risk Management ,
Risk Mitigation ,
Telehealth ,
Videoconference
Isabella Porter is the director of compliance and privacy officer of District Medical Group and author of the chapter “Patient Privacy and Security: Business Associates” in the Complete Healthcare Compliance Manual.
In this...more
Matt Kelly, Editor & CEO of Radical Compliance makes a strong case in this podcast for a need to reassess cyber risk. It is becoming, he says, less of a technical issue and more about how companies interact with others: ...more
While organizations have increasingly embraced cloud computing as a solution to their data management and other needs, they do so in an environment of heightened risks. Attacks on cloud providers are increasing, which makes...more
9/23/2021
/ Cloud Computing ,
Cloud Service Providers (CSPs) ,
Compliance ,
Cyber Attacks ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Risk Management ,
Third-Party Risk
Preventing data breaches is a critical task for all businesses these days, but it’s especially so in healthcare. No one wants to see health information disclosed, and the risks of a ransomware attack are enormous, literally...more
7/15/2021
/ Business Associates ,
Compliance ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Hospitals ,
PHI ,
Physicians ,
Popular ,
Ransomware ,
Risk Mitigation
Privacy continues to be a challenging issue for healthcare providers. Chrissy Kyak, Compliance & Privacy Officer for Medstar Georgetown University Hospital, MedStar Montgomery Medical Center and MedStar Health Research...more
3/4/2021
/ Chief Compliance Officers ,
Chief Privacy Officer ,
Compliance ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Infectious Diseases ,
Patient Privacy Rights ,
PHI ,
Physicians
Digitalization and the proliferation of apps have changed the relationship in healthcare between data, the patient and provider, explains Hema Lakkaraju, CEO and founder of Hayag Corporation. It is often unclear who is...more
1/28/2021
/ Artificial Intelligence ,
Big Data ,
Blockchain ,
Chief Compliance Officers ,
Chief Ethics and Compliance Officers (CECO) ,
Compliance ,
Consumer Privacy Rights ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Security ,
Data Storage ,
Data-Sharing ,
Electronic Protected Health Information (ePHI) ,
Ethics ,
Health Care Providers ,
Health Information Technologies ,
Patient Privacy Rights ,
Risk Management ,
Third-Party Risk
Recently the Health Care Compliance Association released the new Health Care Privacy Handbook, 3rd Edition.
https://www.hcca-info.org/health-care-privacy-handbook
To learn what’s new in the book and in healthcare privacy...more
12/22/2020
/ Chief Compliance Officers ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
FERPA ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Health Plan Sponsors ,
HIPAA Breach ,
HIPAA Breach Notification Rule ,
HIPAA Security Rule ,
Medical Records ,
Patient Privacy Rights ,
PHI ,
Privacy Act of 1974
It’s a very busy time for compliance professionals overseeing businesses operating in India, reports Arpinder Singh, India & Emerging Markets Leader at EY Forensic & Integrity Services. There are a dizzying number of new...more
12/4/2020
/ Auditors ,
Board of Directors ,
Business Disruption ,
Chief Compliance Officers ,
Competition ,
Compliance ,
Coronavirus/COVID-19 ,
Corporate Governance ,
Corporate Investigations ,
Corporate Officers ,
Corruption ,
Data Privacy ,
Data Protection ,
Ethics ,
India ,
Insider Trading ,
New Regulations ,
New Rules ,
Prevention of Corruption Act (PCA) ,
Privacy Laws ,
Ransomware ,
Remote Working ,
Reporting Requirements ,
Risk Management ,
Supply Chain ,
Whistleblowers
Staying on top of what’s new in data privacy is tough. As Robert Bond, Partner and Notary Public at the UK-based law firm Bristows explains, over 100 countries have drafted or implemented new data privacy laws in 2019.
To...more
9/3/2020
/ California Consumer Privacy Act (CCPA) ,
Compliance ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Subjects Rights ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personally Identifiable Information ,
Privacy Laws ,
Third-Party Risk
The Court of Justice of the European Union (CJEU) sent shockwaves through the privacy community last week. As Jonathan Armstrong of Cordery explains in this podcast, it put an effective end to the Privacy Shield because of...more
It’s tough complying with data privacy laws. You spend gazillions of dollars complying with GDPR, and then you have to spend a bunch more in response to the California Consumer Privacy Act (CCPA). Job done, right?
Not...more
5/7/2020
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Retention ,
Data Security ,
Data Storage ,
Data Subjects Rights ,
Personally Identifiable Information ,
Privacy Laws
With the COVID-19 pandemic demands for Personal Health Information (PHI) from law enforcement, the press, politicians and the public are increasing. While there may be good reasons behind many of these demands, healthcare...more
5/7/2020
/ Business Entities ,
Coronavirus/COVID-19 ,
Covered Entities ,
Data Privacy ,
Data-Sharing ,
Department of Health and Human Services (HHS) ,
Disclosure Requirements ,
Electronic Protected Health Information (ePHI) ,
Health and Safety ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OIG ,
PHI ,
Privacy Policy
Remember Brexit? It dominated the news before the pandemic. And while it may not be on the front page any longer, the clock is still ticking down to the end of the transition period on December 31, 2020.
As Andre Bywater of...more
When responding to COVID-19, it’s important to both scrub your hands and also scrub your data practices.
As Jonathan Armstrong, partner at Cordery Compliance explains in this podcast, organizations – and not just those based...more
Supply chains are emerging as an increasingly complex risk area for compliance. The risk includes trade compliance, vendor management issues associated with cyber/privacy, product compliance, REACH, ROHS and California...more
2/6/2020
/ Compliance ,
Corporate Social Responsibility ,
Cybersecurity ,
Data Privacy ,
Exports ,
Imports ,
Popular ,
Risk Management ,
Supply Chain ,
Trade Policy ,
Transparency ,
Vendors