Navigating the Maze: eDiscovery Essentials for Employers — Hiring to Firing Podcast
Top Healthcare Compliance Priorities for 2025
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
Episode 366 -- DOJ Issues Data Security Program Requirements
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Why Privacy Matters to Your Business and What's in Store for 2025
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Protect, Prepare, Prevail: Navigating a Complex Cybersecurity World
2024 Privacy Trends and Their Impact on Auto Finance – Moving the Metal: The Auto Finance Podcast
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Crafting an Effective Law Firm Generative AI Policy for Responsible Business Use: On Record PR
2025 Privacy Law Preview: Be Prepared
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
Podcast - Decoding the Future of AI Regulation and Frontier Models
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
The Office for Civil Rights (OCR) announced on April 10, 2025, that it has settled alleged HIPAA Security Rule violations with Northeast Radiology for $350,000....more
In a striking move at the end of March, the U.S. Department of Justice (“DOJ”) announced a $4.6 million settlement with MORSE Corp Inc. (“MORSE”), a defense contractor based in Cambridge, Massachusetts, for falsely certifying...more
The New York Attorney General recently entered into an assurance of discontinuance with Root Insurance Company following a 2021 data incident. According to the AG, the threat actors obtained people’s drivers’ license numbers...more
Welcome back to the Class Action & MDL Roundup! This edition covers notable class actions from the fourth quarter of 2024. In this edition, an overdue audiobook suit is shelved, an old case gets new reps and new...more
New York AG Letitia James settled with Root Insurance Company to resolve allegations that the company’s data security deficiencies led to a 2021 data breach involving 72,000 people, in violation of state consumer protection...more
Arecent report put the odds of an asteroid hitting the earth in December 2032 at 3.1%—which is 3,100 times more likely than an organization resolving an enforcement action with the U.S. Department of Health and Human...more
Marriott has agreed to pay $52 million dollars and implement new consumer data protections to settle investigations by attorneys general from 49 states and the Federal Trade Commission, following data breaches that occurred...more
In 2024, the government and whistleblowers were party to 558 settlements and judgments collecting over $2.9 billion. The government continued its effort to combat cybersecurity threats through its Civil Cyber-Fraud...more
MGM Resorts agreed to pay $45 million to settle over a dozen class action lawsuits concerning 2019 and 2023 data breaches. A federal court in Nevada preliminarily approved the settlement, which, according to lawyers, covers...more
In 2024, the Department of Justice (DOJ) pursued significant enforcement activity under its Civil Cyber-Fraud Initiative (CCFI). As our readers know, the Deputy Attorney General announced the creation of the CCFI in October...more
December 2024 was an active month for the U.S. Department of Health and Human Services ("HHS"), Office for Civil Rights ("OCR"). OCR announced (i) a $1.19 million civil monetary penalty ("CMP") against Gulf Coast Pain...more
2024 was a year chock-full of data breaches and privacy violations. Many new data privacy and cybersecurity regulations were introduced (and became effective), and regulators sent a strong message to businesses that privacy...more
Note to research compliance officials still digesting news of Pennsylvania State’s recent $1.25 million settlement over False Claims Act (FCA) allegations related to cybersecurity and the government’s recent intervention in a...more
New York Attorney General (AG) Letitia James and global movie theater operator National Amusements, Inc. (National) settled a lawsuit stemming from a 2022 data breach reported by National, which affected 82,128 National...more
Oak Valley Hospital, located in Oakdale, California, reached a settlement in a class action related to a 2023 data breach. On July 18, 2023, Oak Valley detected suspicious activity on its IT systems. Pursuant to the forensic...more
On October 31, 2024, the U.S. Department of Health and Human Services (“HHS”), Office of Civil Rights (“OCR”) announced a $500,000 settlement with Plastic Surgery Associates of South Dakota (“PSA”) concerning potential...more
You are reading the October 2024 Update of the Bass, Berry & Sims Enforcement Roundup, where we bring notable enforcement actions, policy changes, interesting news articles, and a bit of our insight to your inbox. -...more
Connecticut Attorney General William Tong announced on October 21, 2024, that his office has settled a data breach case against Guardian Analytics, Inc. for $500,000. The data breach affected the personal information of...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
Our Consumer Protection/FTC and Privacy, Cyber & Data Strategy teams unpack Starwood Hotels’ and Marriott International’s settlements with the Federal Trade Commission and Marriott’s settlement with state attorneys general...more
Enforcement of data privacy laws across the US is in full force. Most recently, Marriott agreed to a $52 million settlement payment to 50 states, including $3.5 million to the State of Texas, following a data breach of 131...more
Let’s review for a moment. It’s not a HIPAA violation to be a victim of ransomware. It’s not a HIPAA violation to pay a ransom. It’s up to the covered entity (CE) to determine if a security or privacy incident is a...more
This week, Marriott International, Inc. and its subsidiary Starwood Hotels & Resorts Worldwide LLC (collectively, Marriott) agreed to settle on the terms of a settlement order with the Federal Trade Commission (FTC) for its...more
On August 30, the Federal Trade Commission (FTC) entered into a proposed settlement order with cloud-based physical security solutions provider, Verkada Inc. (“Verkada”), settling allegations of data security violations and...more
In November 2023, a class action lawsuit was filed against the genetic testing company, 23andMe. The plaintiffs alleged that a data breach resulted in the unauthorized disclosure of 6.9 million users’ personal and genetic...more