In terms of healthcare data breaches, 2024 was the worst year ever, with the records of at least 53% of the U.S. population involved and two of the biggest healthcare data breaches of 2024 ranking in the top 10 of all time. ...more
On December 27, 2024, the Department of Health and Human Services (HHS) issued a notice of proposed rulemaking (NPRM) related to the Security Rule under the Health Insurance Portability and Accountability Act (HIPAA). ...more
‘Tis the season for holiday baking and the elves at the U.S. Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), have been diligently crafting their own holiday treat. On December 27,...more
The U.S. Department of Health and Human Services (HHS) has issued an unpublished Notice of Proposed Rulemaking (NPRM) that strengthens the Health Insurance Portability and Accountability Act (HIPAA) Security Rule and, if...more
On April 4, the Cybersecurity and Infrastructure Security Agency published a notice of proposed rulemaking setting out mandatory reporting requirements for covered entities that experience cybersecurity incidents or make...more
In 2025, new federal reporting requirements will require hundreds of thousands of organizations to report cyber incidents within hours of discovery to the United States Government, marking a significant impact on how...more
Last week, a bipartisan coalition in Congress introduced the American Privacy Rights Act (“APRA”), a draft federal privacy bill. The APRA represents the latest effort to create a federal consumer data privacy law after its...more
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) within the US Department of Homeland Security released a much-anticipated notice of proposed rulemaking (NPRM) to implement the Cyber Incident...more
Welcome to Wiley’s update on recent developments and what’s next in consumer protection at the Consumer Financial Protection Bureau (CFPB) and Federal Trade Commission (FTC). In this newsletter, we analyze recent regulatory...more
There has been a lot of coverage about the Federal Communications Commission’s (FCC and Commission) new and expansive data breach notification Order, approved on a 3-2 vote at the Commission’s December 13 Open Meeting. Much...more
What Happened - On July 26, the U.S. Securities & Exchange Commission (SEC) adopted its Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure final rule on a 3-2 vote. The final rule is a modified...more
On May 18, 2023 the Federal Trade Commission (FTC) released a Notice for Proposed Rule Making (NPRM) for updates to the Health Breach Notification Rule, 16 C.F.R. Part 318 (the Rule). The Rule serves to ensure entities that...more
FCC Seeks Comment on Rules to Enable Wireless Communications for Unmanned Aircraft Systems: In this Notice of Proposed Rulemaking (NPRM), the Federal Communications Commission (FCC or Commission) requests comment on proposed...more
The Federal Communications Commission (“FCC” or “Commission”) is seeking comments on a Notice of Proposed Rulemaking (NPRM) to refresh its customer proprietary network information (“CPNI”) data breach reporting requirements...more
On January 6, 2023, the Federal Communications Commission (FCC or Commission) released its Data Breach Reporting Requirements NPRM (NPRM) after adopting the item by a 4-0 vote on December 28, 2022. This long-awaited NPRM...more
The U.S. Federal Communications Commission (FCC or Commission) released a Notice of Proposed Rulemaking (NPRM) seeking to update and strengthen its rules requiring telecommunications carriers and interconnected Voice over...more
On September 12, 2022, the Cybersecurity and Infrastructure Security Agency (CISA) issued a request for information (RFI) seeking input from stakeholders on the Cyber Incident Reporting for Critical Infrastructure Act of 2022...more
The Federal Communications Commission (“FCC”) circulated internally a Notice of Proposed Rulemaking (“NPRM”) last week that would, among other things, enable telecommunications carriers to report breaches to their customers...more
Our Virtual Regional Healthcare Compliance Conferences provide updates on the latest news in regulatory requirement, compliance enforcement, and strategies to develop effective compliance programs. Watch, listen, and ask...more
"The overwhelming majority of courts have concluded that neither COVID-19 nor the governmental orders associated with it cause or constitute property loss or damage for purposes of insurance coverage." So concluded the...more
On January 12, 2021, the Office of the Comptroller of the Currency (OCC), the Board of Governors of the Federal Reserve System (Board), and the Federal Deposit Insurance Corporation (FDIC) published a Notice of Proposed...more