AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
Episode 366 -- DOJ Issues Data Security Program Requirements
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — The Good Bot Podcast
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Innovations in Compliance: Data Collection & Cybersecurity with ModeOne’s Matt Rasmussen and Ryan Frye
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
What is the CCF?
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — Hiring to Firing Podcast
A Less is More Strategy for Data Risk Mitigation
Auditing Your Hotline and Case Management System
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
Compliance Tip of the Day: AI for Whistleblower Anonymity
Why Privacy Matters to Your Business and What's in Store for 2025
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
An online retailer was recently hit with the first class action under Washington’s consumer health data privacy law alleging that it used advertising software attached to certain third-party mobile phone apps to unlawfully...more
The first class action complaint was filed under Washington’s My Health My Data Act (“MHMDA”) on February 10, 2025, more than a year after the law’s passage. When the law passed in April 2023, MHMDA was novel for its broad...more
The U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) recently released a revised version of its guidance titled “Use of Online Tracking Technologies by HIPAA Covered Entities and Business...more
Health and Human Services (“HHS”) released updated guidance yesterday on the use of online tracking technologies (like cookies, pixels, software development kits (SDKs), etc.) by HIPAA Covered Entities (the “Updated...more
Changes to guidance are unlikely to mitigate widespread concerns - On March 18, 2024, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) revised its controversial guidance on how HIPAA applies...more
On July 20, 2023, the Department of Health and Human Services (DHHS) through the Office of Civil Rights (OCR) and the Federal Trade Commission (FTC) issued a joint letter to hospitals and telehealth providers alerting them to...more
The Federal Trade Commission (FTC) and the U.S. Department of Health and Human Services' Office for Civil Rights (OCR) recently published a warning letter that they jointly sent to more than 130 hospital systems and...more
On July 20, 2023, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) and the Federal Trade Commission (FTC)announced they were sending a joint letter to approximately 130 unidentified hospital...more
If you are involved with any health information, even if you are not covered by HIPAA, you should be aware of the government’s recent position that there may be serious privacy and serious risks with use of online tracking...more
The Federal Trade Commission and the U.S. Department of Health and Human Services' Office for Civil Rights are cautioning hospitals and telehealth providers about the privacy and security risks related to the use of online...more
On May 17, 2023, the Federal Trade Commission (the “FTC”) reached a settlement with Easy Healthcare Corporation (“Easy Healthcare”), for its fertility-tracking app, Premom. The agency alleged that Easy Healthcare failed to...more
Health care providers should evaluate their use of “tracking technologies” on their websites and mobile applications (apps) for compliance with HIPAA. On December 1, 2022, the Office for Civil Rights (OCR) issued a bulletin...more
Since the U.S. Supreme Court’s Dobbs v. Jackson Women’s Health Organization decision, healthcare privacy has become a more urgent issue as states such as Missouri seek to limit women from obtaining abortions in other states....more
Report on Patient Privacy Volume 23, no 2 (February 2023) DCH Health Systems, based in Tuscaloosa, Ala., said it fired an employee in December after a routine privacy audit revealed evidence that the worker had accessed some...more
In a December 2022 bulletin published by the Office for Civil Rights at the U.S. Department of Health and Human Services (HHS), HHS made clear that the use of third-party tracking technologies by covered entities and business...more
Report on Patient Privacy Volume 23, no 1 (January 2023) The Centers for Medicare & Medicaid Services (CMS) said a data breach at a Medicare subcontractor impacted the personally identifiable information and protected...more
On December 1, 2022, the Office for Civil Rights (OCR) at the US Department of Health and Human Services (HHS) issued a Bulletin on the obligations of covered entities and business associates (regulated entities) under the...more
Report on Patient Privacy 22, no. 2 (February, 2022) - The new national health information network calls for a number of privacy and security safeguards and standards that, in some instances, exceed what HIPAA covered...more
The COVID-19 outbreak has led OCR to announce that it will exercise enforcement discretion to not impose penalties for HIPAA violations against healthcare providers treating patients through some commonly used social media...more
Although Amazon and Google respond to reports of vulnerabilities in popular home smart assistants Alexa and Google Home, hackers continually work hard to exploit any vulnerabilities in order to listen to users’ every word to...more
Despite its breadth, California's new privacy law, the California Consumer Privacy Act (CCPA), creates an exemption designed around the federal Health Insurance Portability and Accountability Act (HIPAA). That exemption is...more
Individuals who use healthcare apps such as fitness trackers, weight loss, wellness, exercise, etc., BEWARE! A couple of recent developments have highlighted the fact that most apps are not subject to HIPAA, which means that...more
The American Institute of CPAs (AICPA), has released a risk management reporting framework intended to "establish a common, underlying language for Cybersecurity risk management reporting — almost akin to US GAAP or IFRS...more
Many telehealth and mHealth app developers are concerned about whether or not their app is a medical device under FDA regulations (and rightfully so), they often pay less attention to the Health Insurance Portability and...more