Hot Topics in International Trade - Let's Be Serious-Supply Chain Audits
Workplace ICE Raids Are Surging—Here’s How Employers Can Prepare - #WorkforceWednesday® - Employment Law This Week®
REFRESH Five Tax Traps for Business Lawyers Advising Nonprofit Organizations
Hospice Insights Podcast - Hospice Audit Updates: David Beats Goliath
Compliance Tip of the Day: Middle Managers as the Eyes and Ears of Compliance
Episode 365 -- Four Sanctions Cases Everyone Should Know
UPIC Audits
Compliance Tip of the Day: The role of Compliance in Auditing AI
California Employment News: Taking Advantage of the PAGA Reform – How Employers Can Lower Their Risk of PAGA Liability
Auditing Your Hotline and Case Management System
Hospice Insights Podcast - Controlling the Narrative: A New Tactic for Auditors and ALJs
Improving Your Code of Conduct
Now Is the Time to Conduct I-9 Audits: What's the Tea in L&E?
Preparing for — and Surviving — an OFCCP Audit
Hospice Insights Podcast - Meet the New Laws, Same as the Old Laws: Overpayment Recoupment Update
AGG Talks: Home Health & Hospice Podcast - Episode 6: Navigating the Audit Maze: Insights From Northeast Georgia Health System
Hospice Insights Podcast - What's the Latest on UPICs? Highlights From Recent Audit Activity, Part II
5 Key Takeaways | 2024 Emerging Trends: Delaware Unclaimed Property VDA and Multistate Audits
Common Scenarios Triggering False Claims Act Violations, Part 3: Claims and Investigations
Compliance Tip of the Day: Machine Learning for Internal Audit
The Washington Post (2013) found that one-sixth of all embezzlement cases in the U.S. involve nonprofit and religious organizations, ranking just behind the financial sector. This statistic is jarring but not entirely...more
McDermott’s Family Office Symposium 2025 brought together more than 400 single-family office executives and industry leaders to uncover new opportunities, exchange best practices, and strengthen relationships. Focused on the...more
In response to a record year of personal data breaches in 2024, affecting millions of individuals, the French data protection authority (CNIL) has published a set of security directives for operators of large databases. While...more
The risks associated with leveraging open source libraries, and the review needed, are increasing. In the first half of 2025, cybersecurity researchers observed a sharp rise in the incidence of malicious code embedded in...more
Technology vendors everywhere want to serve big Wall Street banks, so when one of those banks talks about risks they see in their software supply chain, compliance and audit professionals should listen – which brings us to an...more
This monthly report outlines key developments in China’s data protection sector for March. The following events merit special attention...more
In today’s heightened enforcement environment, compliance auditing isn’t just a best practice—it’s a necessity. Federal and state laws and industry guidance, including the Office of Inspector General (OIG) Compliance Program...more
In the high-stakes world of legal due diligence, the security and confidentiality of sensitive information are paramount. With the increasing volume of electronically stored information (ESI) and the complexity of modern...more
In the final days of the Biden Administration, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued a notice of proposed rulemaking (NPRM) to modify the Security Rule under the Health...more
Secretary of Defense nominee Pete Hegseth testified during his confirmation hearing on January 14, 2025, that if confirmed*, he intends to use audits to identify potential waste and abuse in defense spending, explaining that...more
The latest edition of Directors Quarterly features a summary of board and committee agenda priorities for 2025, financial reporting and auditing updates, post-election observations from around the world, and more. Read the...more
Recent enforcement actions, audit activity, proposed rulemakings, and guidance issued by the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) highlight the agency’s focus on health data...more
State-level AI regulation remains a dynamic landscape in the US as lawmakers tackle the complex risks posed by modern AI. Two influential 2024 regulations—Colorado's 24-205 (the Consumer Protections for Artificial...more
The evolution of artificial intelligence (AI) has introduced systems capable of making autonomous decisions, known as agentic AI. While generative AI essentially “creates” – providing content such as text, images, etc. –...more
2024 was a record year for cyberattacks in the healthcare sector. According to the Breach Portal maintained by the U.S. Department of Health and Human Services (“HHS”) Office of Civil Rights (“OCR”), to date this year, there...more
Continued cyberthreats drove expanded data security and breach notification requirements in 2024. Although sectors deemed high-risk saw significant activity, we also saw proposed regulations that stand to have a...more
In the fourth in our series of new CCPA regulations from California, we look at both cybersecurity audit obligations as well as the impact of the CCPA on the insurance industry. Cybersecurity Audits The proposed rules address...more
Recognizing the increasing number of successful cyberattacks targeting health care organizations and their valuable patient data, the Office of the Inspector General (OIG) is calling for enhancements to the HIPAA audit...more
The California Privacy Protection Agency released proposed CCPA rules for a variety of topics in November, as well as announcing an investigative sweep for compliance with the Delete Act. Topics include the following, which...more
The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is required by law to perform periodic audits of covered entities and business associates to ensure their compliance with HIPAA Security Rule...more
On November 8, 2024, the California Privacy Protection Agency (CPPA) voted 4-1 to proceed with formal rulemaking regarding automated decision-making technology (“ADMT”), which the draft regulations define as “any technology...more
HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more
On November 8, 2024, the California Privacy Protection Agency (CPPA) voted to proceed with formal rulemaking regarding artificial intelligence (AI) and cybersecurity audits. This comes on the heels of the California Civil...more
Artificial intelligence (AI) is transforming industries at an unprecedented pace, but it also introduces complex compliance challenges. While many regions are ramping up their regulatory frameworks to address these risks,...more
In 2024, the U.S. Department of Health and Human Services Office of Civil Rights (“OCR”) Director Melanie Fontes Rainer announced that OCR will resume auditing Health Information Portability and Accountability Act (“HIPAA”)...more