Anthropic’s new AI model could enable such crippling damage in the wrong hands that the company has decided not to publicly release it – but it still reshapes the cybersecurity risk landscape for every business. The April 7...more
4/15/2026
/ Artificial Intelligence ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Incident Response Plans ,
Information Governance ,
Technology Contracts ,
Third-Party Risk
A sweeping new federal cybersecurity mandate is on its way, and now is the time for businesses to build the infrastructure you’ll need to comply. The Cybersecurity and Infrastructure Security Agency (CISA) is finalizing draft...more
4/8/2026
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Data Breach ,
Data Preservation ,
Federal Contractors ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Incident Response Plans ,
New Rules ,
Popular ,
Ransomware ,
Regulatory Requirements ,
Reporting Requirements ,
Supply Chain ,
Unauthorized Access
As AI use accelerates, regulators are focusing more on data privacy enforcement – which means businesses need to make compliance a strategic priority. For tech companies in particular, the volume and sensitivity of data...more
3/26/2026
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
COPPA ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Deletion ,
Data Privacy ,
Data Protection ,
Data Retention ,
Data Security ,
General Data Protection Regulation (GDPR) ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Incident Response Plans ,
Personal Data ,
PIPEDA ,
Popular ,
Privacy Laws ,
State Privacy Laws ,
Technology Sector ,
Third-Party Risk
Pharmacy benefit managers (PBMs) are increasingly using artificial intelligence tools in drug benefit administration, a transaction-intensive function involving the calculation of fees, discounts, and rebates to manage costs...more
3/20/2026
/ Artificial Intelligence ,
Benefit Plan Sponsors ,
Business Associates Agreement (BAA) ,
Contract Negotiations ,
Contract Terms ,
Data Privacy ,
Data Protection ,
Employee Benefits ,
Employer Liability Issues ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Health Plan Sponsors ,
Healthcare Costs ,
Pharmacy Benefit Manager (PBM) ,
PHI ,
Prescription Drugs ,
Service Agreements
The White House recently published two documents to outline how the US plans to lead the world in cybersecurity while protecting Americans from cybercrime. Combined, the Cyber Strategy for America and the Executive Order on...more
3/19/2026
/ Artificial Intelligence ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Executive Orders ,
National Security ,
Regulatory Reform
Are you a business with a self-insured group health plan? Did you know that it could make part of your business subject to HIPAA? Employers that sponsor self-insured group health plans are subject to complex compliance rules...more
3/3/2026
/ Business Associates ,
Business Associates Agreement (BAA) ,
Covered Entities ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Employee Benefits ,
Employee Retirement Income Security Act (ERISA) ,
Employer Group Health Plans ,
Health Insurance ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach Notification Rule ,
HIPAA Privacy Rule ,
HIPAA Security Rule ,
PHI ,
Self-Insured Health Plans
The European Union’s Cyber Resilience Act (CRA) has mandated uniform cybersecurity requirements for hardware and software with digital elements that are placed on the EU market since 2024. The law has three main requirements:...more
Connecticut-based companies that fall victim to large-scale data breaches could face a new slate of disclosure and investigation requirements under legislation currently being considered in the state. Connecticut State Senate...more
2/24/2026
/ Confidential Information ,
Connecticut ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Disclosure Requirements ,
Incident Response Plans ,
Investigations ,
Pending Legislation ,
Personal Information ,
Proposed Legislation ,
State Attorneys General
A new law about to take effect in Texas will force any company that either distributes software applications or develops apps to jump through safety-related hoops in an effort to protect minors. As of January 1, 2026, the App...more
11/24/2025
/ App Developers ,
App Store ,
Minors ,
Mobile Apps ,
New Legislation ,
Online Safety for Children ,
Parental Consent ,
Private Right of Action ,
Software ,
Software Developers ,
Technology Sector ,
Texas
A new cybercrime threat actor calling itself “Coinbase Cartel” has begun targeting transportation, logistics, and adjacent sectors – and you should act quickly to shore up your defenses. Their model is simple: they steal data...more
10/22/2025
/ Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Data Theft ,
Logistics ,
Popular ,
Ransomware ,
Transportation Industry
Starting November 10, federal contractors that perform work with the Department of Defense will need to ensure they comply with a new cybersecurity framework. The Department of Defense (DoD) just amended the Defense Federal...more
9/15/2025
/ Best Practices ,
Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Data Mapping ,
Data Protection ,
Data Security ,
Defense Contracts ,
Defense Sector ,
Department of Defense (DOD) ,
DFARS ,
Federal Contractors ,
National Security ,
NIST ,
Risk Assessment ,
Subcontractors
As 5G connectivity becomes more widely deployed, organizations across all industries are leaning into AI tools that promise speed, automation, and deeper insights. But the combined power of 5G + AI creates an urgent...more
7/31/2025
/ 5G Network ,
Artificial Intelligence ,
Data Collection ,
Data Mapping ,
Data Privacy ,
Data Retention ,
Data Security ,
Employee Monitoring ,
Information Governance ,
Personal Data ,
Privacy-By-Design ,
Risk Management ,
State Privacy Laws
As cybersecurity threats escalate, state legislatures across the country are tightening requirements for how insurance entities respond to data breaches – and thanks to a new law just passed several weeks ago, Missouri is...more
7/18/2025
/ Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Insurance ,
Incident Response Plans ,
Information Security ,
Insurance Industry ,
National Association of Insurance Commissioners ,
New Legislation ,
Non-Public Information ,
Notification Requirements ,
Personally Identifiable Information ,
Regulatory Authority ,
Reporting Requirements ,
Security Risk Assessments ,
State Data Breach Notification Statutes ,
Third-Party Risk ,
Third-Party Service Provider
The SEC’s amended Regulation S-P, adopted last year, will soon enhance data privacy protections for broker-dealers, investment companies, registered investment advisors, and transfer agents. The updated rule requires these...more
6/30/2025
/ Amended Regulation ,
Broker-Dealer ,
Consumer Information ,
Corporate Counsel ,
Customer Information ,
Cybersecurity ,
Data Breach ,
Data Disposal Protocols ,
Data Privacy ,
Data Protection ,
Data Retention ,
Data Security ,
Deadlines ,
Due Diligence ,
Financial Institutions ,
Incident Response Plans ,
Investment Companies ,
Notice Requirements ,
Policies and Procedures ,
Popular ,
Registered Investment Advisors ,
Regulation S-P ,
Securities and Exchange Commission (SEC) ,
Transfer Agents
A federal judge in Texas just tossed out Biden-era reproductive healthcare privacy protections, halting a 2024 final rule with nationwide effect. The rule, which largely took effect in December and created new HIPAA privacy...more
6/26/2025
/ Abortion ,
Covered Entities ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Employer Group Health Plans ,
Final Rules ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Health Plan Sponsors ,
HIPAA Privacy Rule ,
Injunctions ,
Notice of Privacy Practices ,
PHI ,
Popular ,
Privacy Rule ,
Reproductive Healthcare Issues ,
Texas
New cybersecurity requirements just kicked in for thousands of financial firms operating in New York, and companies need to make sure they have taken action to comply. As of May 1, the latest amendments to the New York...more
Businesses should be aware of growing security risks from North Korean IT workers targeting freelance contracts from businesses in the U.S. and other countries. Typically, these workers fraudulently claim they are from the US...more
5/15/2025
/ Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Security ,
Economic Sanctions ,
Foreign Workers ,
Fraud ,
Freelance Workers ,
Hiring & Firing ,
Independent Contractors ,
Information Technology ,
North Korea ,
Popular ,
Risk Mitigation ,
Scams
When PowerSchool announced in January that it fell victim to a massive data breach at the end of 2024, it assured the thousands of schools and over 50 million students who use the education software that the matter had been...more
The country’s largest provider of cloud-based education software for K-12 schools announced on January 7 that it fell victim to a massive data breach – which may lead to questions about the implications for your school....more
1/13/2025
/ Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Hackers ,
Incident Response Plans ,
Notification Requirements ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
School Districts ,
Student Records ,
Teachers
With the HIPAA Security Rule set to undergo a massive overhaul to boost cybersecurity protections, PEOs need to take note. After all, as stewards of worksite employee and client company data – and as sponsors of group health...more
1/8/2025
/ Comment Period ,
Covered Entities ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Employer Group Health Plans ,
HIPAA Security Rule ,
Professional Employer Organization ,
Proposed Rules ,
Public Comment ,
Risk Assessment
The HIPAA Security Rule may soon undergo a big overhaul that would better defend healthcare data from cybersecurity threats – and require much more from covered entities when it comes to establishing and maintaining defenses....more
1/7/2025
/ Business Associates ,
Comment Period ,
Covered Entities ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
HIPAA Security Rule ,
Incident Response Plans ,
Proposed Rules ,
Public Comment ,
Risk Management