When DEI Meets the FCA: What Employers Need to Know About the DOJ’s Civil Rights Fraud Initiative
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 241: Fighting Nurse Burnout with Data-Driven Innovation with Dr. Ecoee Rooney of Indicator Sciences
Multijurisdictional Employers, P2: 2025 State-by-State Updates on Non-Compete/Non-Solicitation Agts
How International Companies Can Prepare for July 9 Tariffs
The Dark Patterns Behind Corporate Scandals
Compliance Tip of the Day: COSO Objective 4 - Control Information and Communication
Daily Compliance News: June 26, 2025, The? Matt Galvin Honored Edition
Current Regulatory, Legislative, and Litigation Developments on ADA Website Accessibility for Consumer Finance Digital Platforms — The Consumer Finance Podcast
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
Compliance into the Weeds: Boeing’s New Safety Initiatives and Compliance Reforms
Compliance Tip of the Day: COSO Objective 3 – Control Activities
Legal Shifts in 2025 Put Employer Non-Compete Strategies at Risk - Employment Law This Week® - Spilling Secrets Podcast
Summer Strategies for Work Success
Upping Your Game: Crowd - Sourcing Risk Management Intelligence with AI
Compliance Tip of the Day: COSO Objective 2 - Risk Assessment
Daily Compliance News: June 24, 2025, The Questions, Questions, and More Questions Edition
Adventures in Compliance: The Sign of Four – Holmes Revealed: Communication and Training Insights
Compliance Tip of the Day – COSO Objective 1 – Control Environment
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
For community associations, this is especially important as these organizations often manage large amounts of PII of homeowners and residents (e.g., name, address, phone number, etc.), including certain categories of...more
Artificial intelligence (AI), particularly generative AI, thrives on vast amounts of data, fueling AI capabilities, insights, and predictions. But with this reliance on data comes potential privacy and security risks. And...more
Last week, two separate class actions were filed in the federal district court for the Southern District of Texas against DISA Global Solutions (DISA), a third-party employment screening services provider, related to an April...more
New York State Governor Hochul recently gave us a “pre” New Year’s gift: effective on December 21, 2024, any individuals or businesses possessing the “private information” of New Yorkers must notify them, and certain state...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more
A Written Information Security Plan, or “WISP,” is essential for any organization that handles sensitive personal information. Here’s a quick breakdown of who needs a WISP and why, as well as a checklist to develop one:...more
Join us for an insightful webinar with Miller Nash’s head of privacy and data security team, Eva Novick, and colleague, Delfina Homen, where we will delve into the essentials of privacy and data security in 2024. Whether...more
The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more
A privacy breach can have detrimental consequences for startups: A privacy breach may trigger legal consequences and regulatory scrutiny, especially for a startup that operates in areas with stringent data protection laws...more
Report on Patient Privacy 23, no. 12 (December, 2023) Northwell Health in New York and Cook County Health in Chicago each experienced impacts from a breach at Nevada-based transcription company Perry Johnson & Associates...more
We have posted blogs before on sharing genetic information and the risk associated with the disclosure of such sensitive information. Unfortunately, our concerns have been realized....more
In some respects, assuring compliance with HIPAA has always been a challenge because many health care providers, particularly physicians, pride themselves on maintaining patient confidentiality—even when they aren’t. Nurses,...more
President Biden issued Executive Order (EO) 14083 on September 15, 2022, establishing five factors for reviews by the Committee on Foreign Investment in the U.S. (CFIUS), and areas of heightened scrutiny for transactions...more
WHAT YOU NEED TO KNOW IN A MINUTE OR LESS - The collection and storage of sensitive data can not only invite the attention of government agencies, but also that of putative class action plaintiffs. Government inquiries,...more
Hybrid work is likely here to say, and, as Sheila Limmroth, privacy specialist at DCH Health System, and the author of the chapter Hybrid Work Environment in the Complete Healthcare Compliance Manual observes in this...more
Complementing the patchwork of state data breach notification laws, a number of federal agencies recently have promulgated sector-specific reporting rules affecting a variety of companies, both directly and indirectly, with...more
China recently enacted its Personal Information Privacy Law (PIPL), which came into effect November 1, 2021. PIPL has global reach and broadly regulates entities of all industries that process the personal data of Chinese...more
We talk about passwords a lot. As you know, I am a fan of passphrases instead of passwords as they are hard to guess and easy to remember—a perfect combination for security data....more
Learning Objectives: - What is a PIA and a DPIA? - Who should instigate assessments? - How and when to use assessments? - The relationship between assessments and privacy by design, and legal grounds for processing...more
OSFI, the Canadian Federal Office of the Superintendent of Financial Institutions, on August 13, 2021, issued new guidance on Technology and Cyber Security Incident Reporting, replacing prior guidance of March 2019....more
Ransomware Particularly Inflicts Health Care and Life Sciences Organizations - Ransomware is a malicious cyber threat vector that employs encryption malware to prevent users from accessing their systems and data unless...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
Keypoint: New Utah law creates incentive for businesses to develop and implement a written cybersecurity program to protect themselves against data breach lawsuits. On March 11, 2021, Utah governor Spencer Cox signed the...more
In a recent letter to insurers, the New York State Department of Financial Services (“NYDFS”) acknowledged the key role cyber insurance plays in managing and reducing cyber risk – while also warning insurers that they could...more