No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
In October, the HHS Office for Civil Rights (OCR) fined Providence Medical Institute (PMI) $240,000, an amount that reflected a 20% discount for having “recognized security practices” (RSPs) in place. But many more covered...more
On Friday, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced the fifth enforcement action under its Risk Analysis Initiative. In this case, OCR reached a settlement with Health...more
Earlier this year, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) adopted a new proposal to strengthen the Health Insurance Portability and Accountability Act (HIPAA) security standards...more
In February, a coalition of healthcare organizations sent a letter to President Donald J. Trump and the U.S. Department of Health and Human Services (HHS) (the Letter), urging the immediate rescission of a proposed update to...more
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently imposed a $1.5 million civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of eyewear, for...more
The saga that led Children’s Hospital Colorado to accept a fine of more than $500,000 imposed by the HHS Office for Civil Rights (OCR) began on July 11, 2017, when a physician’s email account containing details on 3,300...more
December 2024 was an active month for the U.S. Department of Health and Human Services ("HHS"), Office for Civil Rights ("OCR"). OCR announced (i) a $1.19 million civil monetary penalty ("CMP") against Gulf Coast Pain...more
The Board & Compliance Committee Conference is designed specifically to educate board members on best practices and recommendations for establishing and maintaining an effective compliance program. The OIG-HHS will discuss...more
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
On October 31, 2024, the U.S. Department of Health and Human Services (“HHS”), Office of Civil Rights (“OCR”) announced a $500,000 settlement with Plastic Surgery Associates of South Dakota (“PSA”) concerning potential...more
In 2024, the U.S. Department of Health and Human Services Office of Civil Rights (“OCR”) Director Melanie Fontes Rainer announced that OCR will resume auditing Health Information Portability and Accountability Act (“HIPAA”)...more
Let’s review for a moment. It’s not a HIPAA violation to be a victim of ransomware. It’s not a HIPAA violation to pay a ransom. It’s up to the covered entity (CE) to determine if a security or privacy incident is a...more
The cyber breach at Change Healthcare in 2024 stands out as one of the most significant cyber-attacks in recent memory. Its repercussions extend far beyond immediate industry disruptions, resonating deeply in regulatory...more
The HHS Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying 946,801 people whose protected health information or other personally identifiable information...more
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently published an executive summary (Report) outlining key enforcement activities of the Health Insurance Portability and...more
Cyberattacks and data incidents are rapidly increasing, and third-party services companies are a frequent source of exposure for healthcare providers. Healthcare is a prime target for cybercriminals, with ransomware and...more
Hosted by the American Conference Institute, the 19th Annual FCPA & Anti-Corruption Conference for the Life Sciences Industry returns for another exciting year with carefully researched programming based on critical findings...more
On February 6, 2024, the HHS Office for Civil Rights (“OCR”) announced a settlement with Montefiore Medical Center (“MMC”) for alleged HIPAA Security Rule violations and MMC agreed to pay $4.75 million and enter into a...more
Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
Discover today's best practices for your role in healthcare compliance oversight - The Office of Inspector General of Health and Human Services expects healthcare board members, board audit/compliance committee members,...more
On February 17, 2023, the US Department of Health and Human Services Office for Civil Rights (OCR) released two companion reports to Congress detailing its actions in 2021 to enforce the privacy, security, and breach...more
Looking for compliance education and networking in your area? HCCA’s Regional Healthcare Compliance Conferences offer practitioners convenient, local compliance education, including updates on the latest news in regulatory...more
Report on Patient Privacy 21, no. 3 (March 2021) - Sometime during the fall, a worker for a subcontractor of Humana Inc. decided to share actual member information from medical records via a Google document with people he...more
Report on Patient Privacy 20, no. 10 (October 2020) - September was quite the month for enforcement actions by the HHS Office for Civil Rights (OCR). The agency announced eight settlements totaling more than $10 million....more