On Jan. 6, 2025, the U.S. Department of Health and Human Services (HHS) proposed new regulations to enhance cybersecurity protections for electronic protected health information (ePHI) under the Health Insurance Portability...more
In terms of healthcare data breaches, 2024 was the worst year ever, with the records of at least 53% of the U.S. population involved and two of the biggest healthcare data breaches of 2024 ranking in the top 10 of all time. ...more
In this week’s installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we are exploring the proposed updates...more
On November 7, 2024, the Transportation Security Administration (the “TSA”) published a Notice of Proposed Rulemaking (the “Proposed Rule”) that would mandate cyber risk management (“CRM”) and reporting requirements for...more
On January 6, 2025, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) published a Notice of Proposed Rulemaking (“NPRM”) to amend the Health Insurance Portability and Accountability Act...more
The wireless industry has revolutionized the way we connect, from facilitating teleworking, distance learning, and telemedicine to allowing the American public to interact virtually in almost all other aspects of their daily...more
‘Tis the season for holiday baking and the elves at the U.S. Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), have been diligently crafting their own holiday treat. On December 27,...more
In 2025, new federal reporting requirements will require hundreds of thousands of organizations to report cyber incidents within hours of discovery to the United States Government, marking a significant impact on how...more
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) within the US Department of Homeland Security released a much-anticipated notice of proposed rulemaking (NPRM) to implement the Cyber Incident...more
On Friday, February 3, 2023, the California Privacy Protection Agency (CPPA) held a public board meeting at which it voted unanimously to (1) approve the final text of the California Privacy Rights Act (CPRA) regulations and...more
Continuing a recent trend in which the Federal Energy Regulatory Commission ("FERC") has been directing the North American Electric Reliability Corporation ("NERC") to improve or maintain the reliability of the nation's...more
Key Wireless Deadlines - CISA Seeks Comment on its Zero Trust Maturity Model: The Cybersecurity and Infrastructure Security Agency (CISA) requests comment on its draft Zero Trust Maturity Model. This draft publication is...more
On October 10, California Attorney General Xavier Becerra (CA AG) released proposed regulations to implement certain provisions of the California Consumer Privacy Act (CCPA). The CA AG also released a Notice of Proposed...more
On November 9, Anthony Albanese, Acting Superintendent of the New York Department of Financial Services (the NYDFS), sent a letter to the 18 members of the Financial and Banking Information Infrastructure Committee (the...more