The FBI on Economic Espionage
The Justice Insiders Podcast: Varsity Blues Reversals Turn DOJ Red
[Podcast] Cyber Spotlight: Wiley Tackles White House’s National Cybersecurity Strategy and Other Developments
No Password Required: An FBI Special Agent's Journey from Submarines to Anti-Corruption to Cybersecurity
The New Cold War: Risk, Sanctions, Compliance Episode 23: "Former FBI Acting Director Andrew McCabe”
The Latest from the DOJ Antitrust Division
The Presumption of Innocence Podcast: Episode 7 - Investigative Insights: A Conversation with a Former FBI Agent
DE Under 3: OFCCP AAP Verification Portal 'Rules of Behavior', Vaccination Injunction Updates, & Recent Job Scam Alerts
Cybersecurity: Headlines, Best Practices and Its Evolving Role
Digging Deeper, Episode 1: The Con Queen of Hollywood
Devil in the Details: Gilbert King on Truth and Transparency in the Judicial Process
Compliance Perspectives: The FBI on Why and How to Work with the Office of the Private Sector
This Week in FCPA-Episode 54, the Rubber Match Edition
The HHS Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying 946,801 people whose protected health information or other personally identifiable information...more
Looking for compliance education and networking in your area? SCCE & HCCA’s Regional Compliance & Ethics Conferences bring compliance practitioners from all disciplines together for convenient, local compliance education....more
On December 29, 2022, President Biden signed a new statute that will significantly impact medical device cybersecurity regulation. Section 3305 of the Consolidated Appropriations Act of 2023 (“Section 3305”) authorizes the...more
Report on Patient Privacy Volume 23, no 2 (February 2023) DCH Health Systems, based in Tuscaloosa, Ala., said it fired an employee in December after a routine privacy audit revealed evidence that the worker had accessed some...more
Report on Patient Privacy Volume 22, Number 11. November 2022 - The second largest nonprofit hospital chain in the U.S. has been grappling with an Oct. 3 cybersecurity incident that affected facilities across the country,...more
Report on Patient Privacy 22, no. 6 (June, 2022) - A report from the HHS Health Sector Cybersecurity Coordination Center (HC3) found that in early 2022, ransomware groups increasingly turned to legitimate software during...more
CYBERSECURITY - Okta Notifies Customers of LAPSUS$ Attack - Okta, which markets itself as a “leading provider of identity” in the health care, public sector, energy, financial services, technology, travel and hospitality,...more
Report on Patient Privacy 21, no. 12 (December, 2021) - Huntington Hospital in New York has sent notices to approximately 13,000 patients about an incident that happened in late 2018 and early 2019 involving a night shift...more
Report on Patient Privacy 21, no. 10 (October, 2021) - Conducting a risk analysis is a basic tenet of security compliance, with the overarching goal of understanding where protected health information (PHI) “lives” in an...more
Report on Patient Privacy 21 no. 9 (September, 2021) - DuPage Medical Group in Chicago said that the personal information of more than 600,000 patients may have been compromised in a July cyberattack. The medical group,...more
- Utah Pathology Services, based in Salt Lake City, has reported a data breach involving approximately 112,000 patients. According to the medical practice’s “Notice of Data Incident,” the practice learned June 30 that “an...more
On April 13, 2020, the Federal Bureau of Investigation issued a press release warning the public about several emerging health care fraud schemes related to the COVID-19 pandemic....more
Risk Management Question - What precautions can law firms, along with their lawyers and staff, take when they receive an unexpected request for protected health information (PHI) from someone claiming to be a...more
Report on Patient Privacy 20, no. 2 (February 2020) - A ruling from Georgia’s highest state court could set a precedent that determines recourse for victims of cyberattacks. The Georgia Supreme Court ruled in late December...more
As the decade winds down, it’s hard to believe that the HIPAA Privacy and Security Rules are almost twenty years old. It has been ten years since the U.S. Department of Health and Human Services (HHS) Office for Civil Rights...more
The Federal Bureau of Investigations Internet Crime Complaint Center (IC3) recently issued a public service announcement warning private companies about the increasing numbers of ransomware attacks affecting private industry....more
Energy and Critical Infrastructure Industries Warned of Increased Attacks by FBI and DHS - The FBI and Department of Homeland Security issued a joint statement on October 20, 2017 warning of an increased danger of a...more
The FBI is warning the healthcare sector of a new cyber threat. In a Notification issued last week, the FBI said that it is “aware of criminal actors who are actively targeting” protected healthcare information (“PHI”) and...more
In March 2017, the Federal Bureau of Investigation (FBI) issued a Private Industry Notice (Notice) advising that the FBI is aware that cybercriminals are actively targeting File Transfer Protocol (FTP) servers in “anonymous”...more
HIPAA and the HITECH are federal laws that require the protection and security of confidential, protected health information (PHI) and personally identifiable information that is not necessarily health related. The federal...more
The FBI issued a Private Industry Alert on March 22, 2017, to health and dental providers entitled “Cyber Criminals Targeting FTP Servers to Compromise Protected Health Information” specifically warning health and dental...more
The FBI has issued new guidance specifically applicable to medical and dental facilities regarding the cybersecurity risk of File Transfer Protocol (“FTP”) servers operating in “anonymous” mode. FTPs are routinely used to...more
There is no such thing as compliance with the NIST Cybersecurity Framework (FTC). In September, the FTC dispelled a commonly held misconception regarding the NIST Framework: It “is not, and isn’t intended to be, a standard or...more
On July 11, 2016, the Office of Civil Rights (“OCR”) at the Department of Health and Human Services issued new HIPAA guidance regarding the growing epidemic of malicious computer software known as “ransomware”....more