FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Yearâs Resolutions to Keep Your Cyber Data Safe and Secure in 2025
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
AI Talk With Juliana Neelbauer - Episode Three - Cybersecurity Insurance: Coverage Challenges and Changes
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Protect, Prepare, Prevail: Navigating a Complex Cybersecurity World
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Crafting an Effective Law Firm Generative AI Policy for Responsible Business Use: On Record PR
2025 Privacy Law Preview: Be Prepared
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
"Monsters Inc." y el tratamiento de los datos
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
AI Discrimination and Emerging Best Practices â Part 2 - The Good Bot Podcast
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
On January 6, 2025, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) published a notice of proposed rulemaking (Proposed Rule) updating the Health Insurance Portability and...more
The U.S. Department of Health and Human Services (HHS) recently released a proposed rule to better protect electronic health data from cybersecurity threats. The proposed rule would apply to health plans, healthcare...more
With the HIPAA Security Rule set to undergo a massive overhaul to boost cybersecurity protections, PEOs need to take note. After all, as stewards of worksite employee and client company data â and as sponsors of group health...more
The HIPAA Security Rule may soon undergo a big overhaul that would better defend healthcare data from cybersecurity threats â and require much more from covered entities when it comes to establishing and maintaining defenses....more
Healthcare data breaches are occurring more frequently and on larger scales than ever before â and while you defend against cyberattacks and other external threats, make sure you do not overlook the critical role your...more
On March 18, 2024, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) updated its guidance on the use of online tracking technology by covered entities regulated by the Health...more
Report on Patient Privacy 23, no. 10 (October, 2023) By 2016, it should have been clear to HIPAA covered entities that a security risk analysisâand corresponding risk management planâwere compliance basics. Yet, a new...more
For decades, medical providers and other covered entities have satisfied their health-data privacy obligations by complying with the federal Health Insurance Portability and Accountability Act (HIPAA) â but this is changing...more
Millions of women use reproductive health applications (or âappsâ) to track menstrual cycles, ovulation, and pregnancy. These apps provide women that use the rhythm method for birth control and women seeking to become...more
Most people have heard of the Health Insurance Portability and Accountability Act (HIPAA), so itâs not surprising that companies dealing with digital health information will have to be HIPAA compliant. To do so, any protected...more
Enforcement Actions - In its first announcement of enforcement actions in 2022, the U.S. Department of Health and Human Services (âHHSâ) Office for Civil Rights (âOCRâ) simultaneously announced the resolution of three...more
Earlier this month, HHSâs Office for Civil Rights (OCR) issued a Request for Information (RFI) seeking comments on a statutory provision adopted last year that provides a quasi-safe harbor for entities that have voluntarily...more
Report on Patient Privacy 22, no. 1 (January, 2022) - As the COVID-19 pandemic enters its third year, real âsecurity fatigueâ with pandemic-related issues will combine with cybercriminalsâ increasingly sophisticated...more
Our podcast series features AGG attorneys and guests discussing challenges theyâve encountered when assisting clients on business and legal issues related to the Technology industry. While all topics will have a legal...more
Navigating the day-to-day duties related to your practice includes many different responsibilities. From providing patient care, to making sure your office has the appropriate equipment, to managing your team, you have a lot...more
As the COVID-19 pandemic in the United States is easing, telemedicine is facing an important crossroads. While telehealth services have demonstrated their value as an integral part of care delivery, federal and state waivers...more
On January 21, 2020, the far-reaching HIPAA Privacy Proposed Rule, initially released on December 10, 2020, was published in the Federal Register. Despite speculation that the publication timeline would be altered when the...more
Report on Patient Privacy 18, no. 1 (January 2021) - Security threats to health care entities will continue to escalate in 2021, as bad actors with significant capabilities target pandemic-weary organizations still...more
On December 10, 2020, the Department of Health and Human Services (HHS) announced proposed revisions to the HIPAA Privacy Rule that would significantly impact the day-to-day operations of HIPAA covered entities. In this...more
The Office of Civil Rights of the U.S. Department of Health and Human Services has issued guidance clarifying how HIPAAâs Privacy Rule permits covered entities (in particular, health care providers and health plans) or their...more
Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more
Report on Patient Privacy 20, no. 6 (June 2020): Being a health care provider in the midst of a pandemic is complicated enough, between offering telehealth services, perhaps for the first time, and helping workers continue...more
For companies seeking to use, license, or otherwise commercialize health data, there are potential inconsistencies among the HIPAA de-identification standard, the CCPA definition of de-identified data, and GDPR requirements...more
Seyfarth Synopsis: The Director of HIPAA enforcement agency cautions that many covered entities are not meeting the basic HIPAA requirements and sees âlow-hanging fruitâ for enforcement activity....more
Every year, we remind our readers that the HIPAA data breach notification regulations require covered entities to notify the Office for Civil Rights (OCR) of any reportable data breaches that involved fewer than 500...more