On May 8, 2025, the Food and Drug Administration (FDA) announced the completion of its generative artificial intelligence (AI) pilot program for scientific reviewers. FDA Commissioner Marty Makary was quoted in the...more
On January 7, 2025, FDA published a draft guidance titled “Artificial Intelligence-Enabled Device Software Functions: Lifecycle Management and Marketing Submission Recommendations.” The draft guidance was long-anticipated; it...more
1/13/2025
/ Artificial Intelligence ,
Cybersecurity ,
Data Management ,
Data Protection ,
Draft Guidance ,
Federal Food Drug and Cosmetic Act (FFDCA) ,
Food and Drug Administration (FDA) ,
Life Sciences ,
Machine Learning ,
Medical Devices ,
Popular ,
Regulatory Requirements ,
Risk Assessment ,
Software
On December 1, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services provided guidance on the intersection of the Health Insurance Portability and Accountability Act (HIPAA) and the use of...more
Recent ransomware attacks against U.S. critical infrastructure, which includes the energy sector’s production of oil and natural gas, and other sources of electricity and power, have shed a spotlight on the importance of...more
5/13/2021
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FBI ,
Hackers ,
Incident Response Plans ,
International Emergency Economic Powers Act (IEEPA) ,
NIST ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Ransomware ,
Risk Mitigation ,
Trading with the Enemy Act
On January 31, 2020, the Department of Defense (DoD) released the latest version (Version 1.0) of its Cybersecurity Maturity Model Certification (CMMC) framework, setting forth future cybersecurity requirements for thousands...more
3/5/2020
/ Certification Requirements ,
Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Defense Contracts ,
Defense Sector ,
Department of Defense (DOD) ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
NIST ,
Request For Information ,
Third Party Assessment Organization (3PAO)
Your Organization’s best defense in an environment of aggressive regulators and litigious plaintiffs’ counsel is the completion of an enterprise risk assessment. Regulators and attorneys general are fining–sometimes hundreds...more
2/8/2019
/ Cybersecurity ,
Data Breach ,
Data Protection ,
Electronic Protected Health Information (ePHI) ,
Enterprise Risks ,
Hackers ,
HIPAA Breach ,
NIST ,
OCR ,
Personally Identifiable Information ,
Popular ,
Risk Assessment ,
Stakeholder Engagement
In its most recent cybersecurity initiative, the U.S. Department of Health and Human Services (HHS) has released Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients, described as a set of...more