Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
What's New? On May 28, 2025, the U.S. Department of Health and Human Services' Office for Civil Rights (OCR) announced an $800,000 settlement with a large Florida-based health care provider over potential violations of the...more
The February 2024 ransomware attack on Change Healthcare was the largest healthcare data breach in U.S. history. The attack disrupted operations—impacting patient care and provider finances—and potentially exposed the...more
With 2025 barely three weeks old, the US Department of Health and Human Services Office for Civil Rights (OCR) has already announced six enforcement actions for the new year. Particularly significant is the advancement of...more
On November 1, 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a $90,000 settlement with Bryan County Ambulance Authority (“BCAA”), a provider of emergency medical...more
Americans hear about cybersecurity incidents on a frequent basis. As the adage goes, it is not a matter of “if” a breach or security hack occurs; it is a matter of “when.”...more
In late September 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a settlement with Cascade Eye and Skin Centers, P.C., a health care provider in the state of...more
Announcing its fourth ransomware cybersecurity investigation and settlement, the Office for Civil Rights (OCR) also observed there has been a 264% increase in large ransomware breaches since 2018....more
The HHS Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying 946,801 people whose protected health information or other personally identifiable information...more
KCP supports House bill to restore original intent of Medicare Secondary Payer Act - Kidney Care Partners (KCP) commends the 36 co-sponsors of the bill before the House, who come from both sides of the aisle and represent...more
In light of the ongoing investigation of Change Healthcare’s ransomware attack that resulted in the improper disclosure of thousands of individuals’ PHI, now seems like a perfect time to discuss HIPAA’s requirements...more
Research from Guidepoint Security found that 2023 saw an 80% increase in ransomware activity year-over-year, driven in part by multiple mass exploitation campaigns impacting hundreds of organizations. In total, the report...more
It is no secret that protected health information (or “PHI”) is more and more at risk for cybersecurity attacks. In 2022 (the most recent year this statistic is available), the Department for Health and Human Services Office...more
New York has released proposed cybersecurity regulations for hospitals. The regulations, which were published in The State Register on Dec. 6 and will undergo a 60-day public comment period ending on Feb. 5, are designed to...more
From large-scale hacks to new rules governing cyber practices, the cyber landscape continues to become more complex. The risk for breaches is higher than ever before. The numbers support this declaration. According to the...more
On Oct. 31, 2023, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced it had settled with Doctors’ Management Services Inc. (DMS) over a self-reported ransomware attack that occurred in...more
Data breaches come in many different forms, sizes, and levels of complexity, but they tend to share certain key facts: A third-party bad actor—whether through a phishing attack, a ransomware attack, exploitation of a zero-day...more
You may be Entitled to Financial Compensation…for Your Data - “Without all of our writings and photos that AI companies are using to train their models, they would have nothing to sell.” Why this is important: This...more
Report on Patient Privacy Volume 23, no 2 (February 2023) DCH Health Systems, based in Tuscaloosa, Ala., said it fired an employee in December after a routine privacy audit revealed evidence that the worker had accessed some...more
Report on Patient Privacy Volume 23, no 1 (January 2023) The Centers for Medicare & Medicaid Services (CMS) said a data breach at a Medicare subcontractor impacted the personally identifiable information and protected...more
Report on Patient Privacy Volume 22, Number 11. November 2022 - The second largest nonprofit hospital chain in the U.S. has been grappling with an Oct. 3 cybersecurity incident that affected facilities across the country,...more
Report on Patient Privacy 22, no. 10 (October, 2022) - Thirty Democratic senators led by Sen. Patty Murray, D-Wash., have called on HHS to strengthen federal privacy protections under HIPAA to broadly restrict providers...more
Editor’s Note: On August 31, 2022, HaystackID shared an educational webcast on the topic of data mining in data breach incident response. As data mining has increasingly become one of the largest expenses during a cyber...more
Report on Patient Privacy 22, no. 8 (August, 2022) - The Department of Justice (DOJ) seized around $500,000 in Bitcoin ransom paid by two health care organizations in Kansas and Colorado to North Korean ransomware actors...more
According to the 2022 State of Ransomware Report issued recently by Sophos, it surveyed 5,600 IT professionals from 31 countries, including professionals in the health care sector. Those professionals in the health care...more
Report on Patient Privacy 22, no. 6 (June, 2022) - A report from the HHS Health Sector Cybersecurity Coordination Center (HC3) found that in early 2022, ransomware groups increasingly turned to legitimate software during...more