What is the CCF?
Compliance Perspectives: The FBI on Why and How to Work with the Office of the Private Sector
The Compliance Challenge: Managing Legal & Regulatory Risk
Webinar: How to Get Your Lawyers Sharing Successfully on LinkedIn - with @AdrianDayton
Polsinelli Podcasts - FDA Denies Amgen Citizen Petition in Biosimilar Dispute
FCPA Compliance and Ethics Report-Episode 51-Interview with Tim Haidar
ACADEMI's Suzanne Rich Folsom and PwC's Glenn Ware on Moral Hazard
What Companies Should Do to Prepare for Implementation of Cybersecurity Executive Order
Where Does the Cybersecurity Executive Order Hit and Miss the Mark?
Earlier this month, Secretary of the Department of Homeland Security (DHS) Kristi Noem announced plans to disband the Critical Infrastructure Partnership Advisory Council (CIPAC). First created in 2006, CIPAC is a...more
The Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Tuesday, March 11, 2025, that the Multi-State Information Sharing and Analysis Center (MS-ISAC) will lose its federal funding and cooperative agreement...more
On January 14, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released the AI Cybersecurity Collaboration Playbook (the “Playbook”) to provide guidance to organizations within the AI community (including AI...more
On the heels of a $7.6 million payment by Cleveland Clinic to settle allegations of False Claims Act (FCA) violations and unallowable sharing of passwords, Michael Lauer, NIH deputy director for extramural research, penned a...more
CYBERSECURITY - Health Care Entities Continue to Get Pummeled by Cybersecurity Attacks - The newest health care entity to be hit by a cyberattack is Ascension Health, which operates 140 hospitals and 40 assisted living...more
Cyberhackers—potentially frustrated by their limited ability to extort ransom from health care entities in attacks—have started extorting the patients themselves, threatening them with the release of information or...more
On March 12, 2024, the Department of Defense (DoD) finalized a rule to open its Defense Industrial Base (DIB) Cybersecurity (CS) Program to all defense contractors who own or operate an unclassified information system that...more
On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA), an operational component of the Department of Homeland Security (DHS), posted for public inspection its long-anticipated notice of proposed...more
After years of internal discussion, the Board of the California Privacy Protection Agency (CPPA), at their March 8th meeting, voted to progress toward formalizing the proposed regulations on risk assessments and automated...more
Two recent developments highlight the challenges companies may face as they explore ways to incorporate AI-based chatbots into their customer service offerings: - A putative class action filed in California federal...more
A recent Report to Congress from the Office of Inspector General (OIG) of the Intelligence Community addresses barriers to information sharing that Congress sought to promote in landmark 2015 legislation. This report may have...more
The Federal Acquisition Regulation (FAR) Council has proposed two new cybersecurity rules that would impose significant obligations and risks for federal government contractors. The proposed rules impose substantial cyber...more
In the last two decades, incident response has evolved significantly, adapting to the dynamic cyber threat landscape. As the internet became an integral part of daily life, cyber threats escalated in scope and scale. This...more
On October 3, the Department of Defense, General Services Administration, and the National Aeronautics and Space Administration published two sets of proposed revisions to the Federal Acquisition Regulation (“FAR”) pertaining...more
The U.S. Securities and Exchange Commission’s (SEC) impending cyber disclosure rule, slated to commence on 15 December 2023, underscores an imperative shift towards a more transparent and accountable cybersecurity posture for...more
The Federal Acquisition Regulatory (FAR) Council on Oct. 3, 2023, issued two proposed rules to partially implement President Biden's Executive Order on Improving the Nation's Cybersecurity. The first proposed rule imposes...more
Information sharing has seemed like the “holy grail” of federal cyber policy: sought after but elusive, especially to those who think it will solve their problems. At a time of increased regulation and looming mandates for...more
Voluntary Commitments Ensuring Safe, Secure and Trustworthy AI Prominent generative AI companies, including Meta, OpenAI, Microsoft, Google, Anthropic and Inflection, committed to a voluntary set of guidelines negotiated by...more
In coordination with the White House, several leaders in the artificial intelligence (AI) space have publicly committed to a voluntary set of guidelines relating to responsible development and deployment of AI. Amazon,...more
A former hospital worker in Arizona was sentenced to 54 months in prison and ordered to pay restitution after pleading guilty to two felony counts involving identity theft and health information disclosure. In the plea deal,...more
Five former Memphis-based hospital employees and another man have pled guilty to unlawfully disclosing patient information in violation of HIPAA, U.S. Attorney for the Western District of Tennessee Kevin Ritz announced....more
The federal government has continued its efforts to fulfill the requirements set forth in Executive Order 14028, Improving the Nation’s Cybersecurity. For companies that do business with the Federal government, beyond looking...more
Looking for compliance education and networking in your area? HCCA’s Regional Healthcare Compliance Conferences offer practitioners convenient, local compliance education, including updates on the latest news in regulatory...more
For years, federal cyber policy has been based on successful public-private partnerships, collaboration, and the promotion of voluntary standards that can be tailored to sector and organization-specific risk and needs....more
On December 8, the NRC issued Regulatory Issue Summary (RIS) 2022-03 detailing its plans regarding the use of “Information-Sharing Agreements” to share controlled unclassified information (CUI) with non-executive branch...more