No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Podcast: A Conversation with Andy Rotherham on Hot Topics in Education for 2023
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
Cyber Threats
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
[Podcast] NSA Cybersecurity Services for Defense Contractors
Understanding the Additional Risks When Making a Ransomware Payment
2022 DSIR Deeper Dive: Ransomware
What's New? On May 28, 2025, the U.S. Department of Health and Human Services' Office for Civil Rights (OCR) announced an $800,000 settlement with a large Florida-based health care provider over potential violations of the...more
Arecent report put the odds of an asteroid hitting the earth in December 2032 at 3.1%—which is 3,100 times more likely than an organization resolving an enforcement action with the U.S. Department of Health and Human...more
With 2025 barely three weeks old, the US Department of Health and Human Services Office for Civil Rights (OCR) has already announced six enforcement actions for the new year. Particularly significant is the advancement of...more
Cyberattacks and technology disruptions in healthcare don’t just cost organizations financially — they can threaten patient safety and put organizational reputations at risk. How ready is your organization for a potential...more
Material updates to the HIPAA Security Rule could be on the way — affecting all HIPAA-regulated entities — for the first time in two decades. The Department of Health and Human Services (HHS) issued a Notice of Proposed...more
Last fall at the Safeguarding Health Information: Building Assurance Through HIPAA Security 2024 conference, U.S. Department of Health & Human Services Office for Civil Rights (OCR) promised that before year’s end, it would...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
In the wake of Change Healthcare’s February 2024 ransomware attack, which affected the protected health information (PHI) of at least 100 million individuals — the largest breach of PHI in history — the federal government’s...more
On November 1, 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a $90,000 settlement with Bryan County Ambulance Authority (“BCAA”), a provider of emergency medical...more
On October 31, 2024, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) embraced the end of Spooky Season by announcing two more ransomware-related enforcement actions. ...more
Our Health Care and Privacy, Cyber & Data Strategy Groups cover an upcoming proposed rule from U.S. Health and Human Services (HHS) that would formalize cybersecurity requirements and allow the Office for Civil Rights (OCR)...more
In healthcare, compliance issues can quickly escalate into compliance nightmares, with serious implications for patient safety, legal liability, and an organization’s reputation. Among the most common compliance nightmares...more
Ransomware attacks are a growing threat in the health care sector due to the value of personal health information (PHI). In addition to being expensive, these attacks can cripple health care operations, delay patient care,...more
In October 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced the imposition of a civil monetary payment against Providence Medical Institute (“PMI”), a large medical...more
On October 22, 2024, Microsoft issued a threat trend research report entitled “US Healthcare at risk: Strengthening resilience against ransomware attacks.” In it, Microsoft declares that ransomware attacks against the...more
During the first half of this webinar, Jen Mitchell, Bryan Murray and Laura Fryan, will focus on practical tips and pointers on avoiding a HIPAA breach and what lessons you can take away from the Change Healthcare breach. ...more
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently settled two ransomware cases with covered entities. These cases signal the government's growing concern with health care...more
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) imposed a $240,000 civil monetary penalty against Providence Medical Institute in connection with a ransomware attack that revealed...more
In late September 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a settlement with Cascade Eye and Skin Centers, P.C., a health care provider in the state of...more
On July 1, 2024, the U.S. Department of Health and Human Services (“HHS”) Office For Civil Rights (“OCR”) announced a $950,000 settlement with Heritage Valley Health System (“Heritage Valley”) and a three-year Corrective...more
On July 1, 2024, the HHS Office of Civil Rights (OCR) announced that Pennsylvania-based healthcare system, Heritage Valley Health System (Heritage Valley), has agreed to pay $950,000 to settle potential violations of the...more
The Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently announced a settlement under the Health Insurance Portability and Accountability Act (HIPAA) with Green Ridge Behavioral Health, LLC...more
The healthcare sector is increasingly facing cyber-threats with ransomware and hacking at the forefront. In the last five years, there has been a staggering 256% rise in significant hacking-related breaches and a 264% surge...more
In late October, the U.S. Department of Health and Human Services (HHS) reached a settlement agreement with a medical management company based in Massachusetts over alleged HIPAA violations. Under the settlement terms, the...more
Late last year, the Department of Health and Human Services (HHS) issued its first HIPAA settlement agreement involving a ransomware attack. In the press release announcing the settlement, HHS stated that they began...more