News & Analysis as of May 12, 2025

Compliance

+ Follow

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now. less -

OCR Loses Staff, Faces Move to New ‘Enforcement’ Office; Will HIPAA Focus, Independence Suffer?

Health Care Compliance Association (HCCA) on 4/15/2025

Today, the HHS Office for Civil Rights (OCR) stands shoulder-to-shoulder with the likes of the Office of Inspector General and Office of General Counsel, one of just a dozen or so agencies reporting directly to the secretary....more

Latest FCA Cybersecurity Settlement Shows Enforcement Remains a Priority Under Trump Administration

Foley & Lardner LLP on 4/4/2025

A recent United States Department of Justice (DOJ) announcement reinforces that enforcement of cybersecurity requirements under the False Claims Act (FCA) remains an ongoing risk. According to the press release, defense...more

NY Settles With Insurer on Data Breach Rooted in Security Deficiencies

Cozen O'Connor on 3/28/2025

New York AG Letitia James settled with Root Insurance Company to resolve allegations that the company’s data security deficiencies led to a 2021 data breach involving 72,000 people, in violation of state consumer protection...more

Hong Kong passes its first Cybersecurity Law to safeguard critical infrastructure

A&O Shearman on 3/26/2025

Hong Kong’s Legislative Council passed the Protection of Critical Infrastructures (Computer Systems) Bill (the “CI Bill”) on March 19, 2025. This landmark legislation aims to enhance cybersecurity and minimize disruptions...more

Preserving and Protecting the Integrity of American Elections (Trump EO Tracker)

Akin Gump Strauss Hauer & Feld LLP on 3/26/2025

Enforce the Federal prohibition on foreign nationals voting in Federal elections. Requires documentary proof of United States citizenship and for verification from a State or local official for national mail voter...more

Why Compliance Audits Are Non-Negotiable

Gardner Law on 3/26/2025

In today’s heightened enforcement environment, compliance auditing isn’t just a best practice—it’s a necessity. Federal and state laws and industry guidance, including the Office of Inspector General (OIG) Compliance Program...more

Great Women in Compliance: The Future of Enforcement with Jennifer Lee

Thomas Fox - Compliance Evangelist on 3/26/2025

In this episode of Great Women in Compliance, Hemma hosts Jennifer Lee, a partner at Jenner & Block LLP and former Assistant Director at the SEC. The discussion covers Jennifer’s work in SEC investigations, the importance of...more

Health Fitness, OCR’s Risk Analysis Initiative, and the ERISA Fiduciary Duty to Select Plan Service Providers

Jackson Lewis P.C. on 3/24/2025

On Friday, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced the fifth enforcement action under its Risk Analysis Initiative. In this case, OCR reached a settlement with Health...more

Ninth Circuit Upholds Conviction of Former Uber Security Chief Joseph Sullivan in Connection with 2016 Uber Data Security Breach

Baker Botts L.L.P. on 3/20/2025

On March 13, 2025, a three-judge panel of the U.S. Court of Appeals for the Ninth Circuit unanimously upheld the conviction of former Uber Chief Security Officer Joseph Sullivan. The ruling affirms Sullivan’s 2022 conviction...more

Recent Enforcement Reminds Companies: Assess HIPAA Compliance

Gardner Law on 3/20/2025

A HIPAA compliance assessment is an evaluation of an organization's practices, policies, and procedures to ensure that they align with requirements from the Health Insurance Portability and Accountability Act (“HIPAA”). It...more

$1.5M Warby Parker Fine a Holdover; OCR Focuses On Men in Sports, Antisemitism, ‘Biological Truth’

Health Care Compliance Association (HCCA) on 3/12/2025

Nearly six years to the day that Warby Parker reported a breach affecting nearly 200,000 individuals, the HHS Office for Civil Rights (OCR) imposed a $1.5 million fine on the eyewear giant. Investigated by OCR under the Biden...more

Nine Steps Healthcare Entities Should Take to Prevent Cyberattacks

Nilan Johnson Lewis PA on 2/24/2025

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently imposed a $1.5 million civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of eyewear, for...more

Investigations Newsletter: First Circuit Joins Sixth and Eighth Circuits in Adopting Heightened, But-For Causation Standard for...

ArentFox Schiff on 2/24/2025

First Circuit Joins Sixth and Eighth Circuits in Adopting Heightened, But-For Causation Standard for AKS-Based FCA Claims - On February 18, the US Court of Appeals for the First Circuit became the latest court to agree...more

We’ll Take the Fine: OCR’s ‘Unwarranted,’ Costly Demands Prompted Hospital’s $538K Payment

Health Care Compliance Association (HCCA) on 2/7/2025

The saga that led Children’s Hospital Colorado to accept a fine of more than $500,000 imposed by the HHS Office for Civil Rights (OCR) began on July 11, 2017, when a physician’s email account containing details on 3,300...more

Looking Back at the False Claims Act in 2024 as the Government Keeps its Sights on Cybersecurity in 2025

Bradley Arant Boult Cummings LLP on 2/5/2025

In 2024, the government and whistleblowers were party to 558 settlements and judgments collecting over $2.9 billion. The government continued its effort to combat cybersecurity threats through its Civil Cyber-Fraud...more

CLE Takeaways: 2025 Government Enforcement Priorities and Trends

Fenwick & West LLP on 2/3/2025

Businesses today must navigate an intricate web of policies, regulations, and enforcement actions that demand not only vigilance but a proactive stance toward transparency and cooperation....more

Capital Markets & Governance Insights - January 2025

Ropes & Gray LLP on 1/30/2025

Companies should not minimize the extent of a material cybersecurity incident by omitting material facts regarding the scope and potential impact of the incident. Cybersecurity risk factor disclosures should be tailored to a...more

Things I Worry About (7): DOL Investigations and Unsuspecting Plan Sponsors

Faegre Drinker Biddle & Reath LLP on 1/29/2025

The DOL’s EBSA has a number of programs that can restore benefits to plans and participants. Those include: - Civil investigations. - Criminal investigations. - Informal compliant resolutions. - Correction programs. ...more

White-collar crime developments in Italy: trends and developments

A&O Shearman on 1/29/2025

There has been an increase in enforcement action and strategies relating to cybercrimes, supply-chain related offenses, VAT fraud, corruption, and money laundering. A significant shift has been prompted by the EU Corporate...more

SEC Actions in Review: What Officers and Directors Should Know for 2025

Foley & Lardner LLP on 1/29/2025

As the regulatory landscape continues to evolve, public company officers and directors must stay abreast of the enforcement priorities and expectations of the Securities and Exchange Commission (SEC). Over the past year, the...more

Top 5 SEC Enforcement Developments for December 2024

Morrison & Foerster LLP on 1/28/2025

Each month, we publish a roundup of the most important SEC enforcement developments for busy in-house lawyers and compliance professionals. This month, we examine: •Insider trading charges against a professor overseeing...more

FTC Announces Proposed Settlement with GoDaddy Incorporating Prescriptive Cybersecurity Requirements

Alston & Bird on 1/22/2025

On January 15, 2025, the Federal Trade Commission (FTC) announced a proposed settlement with GoDaddy Inc. (GoDaddy) for making false or misleading representations about their security practices in violation of Section 5 of...more

With Nod to OCR, Indiana Inks $350K Deal With Dental Firm Following Hack

Health Care Compliance Association (HCCA) on 1/22/2025

Recent federal enforcement actions have brought home the lesson that there’s really no acceptable reason for denying a patient timely access to medical records. Last year, for example, the HHS Office for Civil Rights (OCR)...more

Slew of OCR activity underscores agency’s focus on security and AI

Hogan Lovells on 1/17/2025

Recent enforcement actions, audit activity, proposed rulemakings, and guidance issued by the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) highlight the agency’s focus on health data...more

FCA Whistleblower Complaints Reach All Time High in 2024

Fox Rothschild LLP on 1/17/2025

The U.S. Department of Justice (DOJ) published its 2024 False Claims Act (FCA) statistics and press release this week touting $2.9 billion in judgments and settlements last fiscal year, slightly higher than 2023’s $2.7...more

159 Results

View per page

Page: of 7

Cybersecurity › Enforcement Actions › Compliance

"My best business intelligence, in one easy email…"