Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
Episode 366 -- DOJ Issues Data Security Program Requirements
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — The Good Bot Podcast
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Innovations in Compliance: Data Collection & Cybersecurity with ModeOne’s Matt Rasmussen and Ryan Frye
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
What is the CCF?
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — Hiring to Firing Podcast
A Less is More Strategy for Data Risk Mitigation
Auditing Your Hotline and Case Management System
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
Compliance Tip of the Day: AI for Whistleblower Anonymity
Why Privacy Matters to Your Business and What's in Store for 2025
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 223: Cybersecurity and Privacy Risks with Healthcare Vendors with Brandon Robinson of Maynard Nexsen
A Durham County class action asks whether “My Chart,” a widely used portal that medical providers use to communicate with patients about test results, conditions, and treatments should more aptly be labeled “Our Chart.”...more
On March 15, Kentucky passed HB 473 (the “bill”), which amends the Kentucky Consumer Data Protection Act (the “Act”), whose passage was previously covered by InfoBytes and goes into effect on January 1, 2026. The bill creates...more
Cyberattacks remain one of the most serious threats facing the healthcare industry. Healthcare providers and their vendors handle sensitive and valuable health data, making them prime targets for cybercriminals....more
A HIPAA compliance assessment is an evaluation of an organization's practices, policies, and procedures to ensure that they align with requirements from the Health Insurance Portability and Accountability Act (“HIPAA”). It...more
Nearly six years to the day that Warby Parker reported a breach affecting nearly 200,000 individuals, the HHS Office for Civil Rights (OCR) imposed a $1.5 million fine on the eyewear giant. Investigated by OCR under the Biden...more
New York lawmakers recently passed a wide-ranging health information privacy bill that would require entities to obtain consent to collect, use, or sell an individual’s health information except for designated purposes. ...more
The New York State legislature passed the Health Information Privacy Act (“NYHIPA”) on January 22, 2025, marking the second state to introduce a comprehensive consumer health data law. If passed, the NYHIPA imposes more...more
If enacted, the New York Health Information Privacy Act (“NYHIPA”) will be the latest in a series of state privacy laws that regulate health data outside of the traditional health care context. It would follow the passage of...more
Illinois’s Biometric Information Privacy Act (BIPA) continues to drive a wave of privacy-related litigation across the United States, though a 2024 amendment to the act—the first since BIPA’s enactment in 2008—may slow the...more
Earlier this year, the New York legislature passed the New York Health Information Privacy Act (New York HIPA), establishing strict requirements for handling health data. The legislation shares similarities with Washington’s...more
Last week, the U.S. Cybersecurity and Infrastructure Security Agency (“CISA”) and the U.S. Food and Drug Administration (“FDA”) released warnings about an embedded function they found in the firmware of the Contec CMS8000,...more
On January 22, the New York State Legislature passed Senate Bill S929, titled the New York Health Information Privacy Act (NYHIPA), which is poised to redefine how businesses handle health and wellness-related data in and...more
Just in time for setting a new year’s resolution, the New York Senate passed health privacy bill S-929. This bill was first introduced during the 2024 legislative session but failed to pass. Now in the early weeks of 2025,...more
The Court of Appeal has handed down its judgment in the case of Prismall v Google UK Ltd and DeepMind Technologies Ltd [2024] EWCA Civ 1516. Finding for Google, the Court of Appeal upheld the lower Court’s decision to...more
On January 22, the New York state legislature passed Senate Bill S929, known as the New York Health Information Privacy Act (HIPA or the “Act”). The bill will next move to the New York governor for signature....more
The HIPAA Security Rule was originally promulgated over 20 years ago. While it historically provided an important regulatory floor for securing electronic protected health information, the Security Rule’s lack of...more
It is by now common knowledge that on Inauguration Day, January 20, 2025, President Trump signed numerous executive orders geared toward the implementation of his immigration policy objectives, setting the stage for what he...more
On April 22, 2024, the Health and Human Services’ Office for Civil Rights (OCR) issued the HIPAA Privacy Rule to Support Reproductive Health Care Privacy Final Rule. The final rule limits the sharing of protected health...more
In a major development for all businesses handling health data, New York lawmakers passed a sweeping health data privacy bill Wednesday that could have far-ranging consequences across the country. S929, also known as the New...more
Companies continue to face a patchwork of state data privacy laws, federal agencies targeted companies' collection of sensitive consumer information, and a handful of states passed artificial intelligence-related regulation...more
In 2024, the Department of Justice (DOJ) pursued significant enforcement activity under its Civil Cyber-Fraud Initiative (CCFI). As our readers know, the Deputy Attorney General announced the creation of the CCFI in October...more
On January 6, 2025, the U.S. Department of Health and Human Services (“DHHS”) Office of Civil Rights (“OCR”) published a proposed rule entitled, “HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Health...more
§ 160.101 Statutory basis and purpose. The requirements of this subchapter implement sections 1171–1180 of the Social Security Act (the Act), sections 262 and 264 of Public Law 104–191, section 105 of Public Law 110–233,...more
To round out this year’s series on new state consumer privacy laws, we are covering the statute passed by Kentucky earlier this year. Please also keep your eye out for our 2024 round-up article that will be published soon, as...more
The deadline for compliance with the Department of Health and Human Services Office of Civil Rights’ (“OCR”) recent update to the HIPAA Privacy Rule is December 22, 2024 -- less than thirty days away. Last spring, OCR...more