State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
From Cell Phones to Tractors: The Right to Repair Movement Drives On — Regulatory Oversight Podcast
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
State AG Pulse | The Inside Scoop: On Being Chief Deputy
Great Women in Compliance: Exploring the Future of Compliance - Key Takeaways from Compliance Week 2025
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Solicitors General Insights: A Deep Dive With Mississippi and Tennessee Solicitors General — Regulatory Oversight Podcast
Leadership and Innovation at the Illinois AG's Office — Regulatory Oversight Podcast
Consumer Finance Monitor Podcast Episode: Private Civil Consumer Financial Services Litigation to Partially Fill CFPB Void - Part 1
The JustPod: The State of Prosecutorial Independence and Prosecutorial Discretion
State AG Pulse | “Don’t Mess With Our Health or Our Kids!”
Podcast - Looking into the Crystal Ball: The Future of Consumer Protection Law Enforcement
Inside Maine's AG Office: AG Aaron Frey on Public Service — Regulatory Oversight Podcast
State AG Pulse | With the Reshaping of Government, More Power To State AGs
Daily Compliance News: April 7, 2025, The Whistleblowers Awarded Edition
New York's Bold Move to Create a Mini CFPB — The Consumer Finance Podcast
Antitrust Insights for Private Equity Navigating the New Administration's Policies — PE Pathways Podcast
State AG Pulse | DEI in the Federal and State Spotlight
Just in time for setting a new year’s resolution, the New York Senate passed health privacy bill S-929. This bill was first introduced during the 2024 legislative session but failed to pass. Now in the early weeks of 2025,...more
On January 22, the New York state legislature passed Senate Bill S929, known as the New York Health Information Privacy Act (HIPA or the “Act”). The bill will next move to the New York governor for signature....more
As we settle into spooky season, let’s take a minute to consider a recent development in health care privacy as we ask ourselves, is this a trick or a treat?...more
On September 18, the Texas Attorney General (AG) announced a settlement agreement with Pieces Technologies, Inc. (“Pieces”), a Dallas-based healthcare artificial intelligence (AI) research and development firm, resolving...more
On September 4, Texas Attorney General (AG) Ken Paxton filed a lawsuit against the Department of Health and Human Services (HHS) Office for Civil Rights (OCR), challenging two key Health Insurance Portability and...more
The Office of the New York State Attorney General announced on August 13 that Letitia James, along with the Attorneys General of Connecticut and New Jersey, fined Enzo Biochem, Inc. $4.5 million for failing to adequately...more
The Massachusetts Attorney General’s Office (AGO) issued an announcement last week to inform consumers who may have had their personal information breached in Change Healthcare’s cyberattack this past February. The AGO was...more
Indiana AG Todd Rokita sued home healthcare equipment and services provider Apria Healthcare, LLC for allegedly failing to investigate and inform consumers regarding data breaches beginning in 2019 in violation of state data...more
New York AG Letitia James settled with US Radiology Specialists, Inc. to resolve allegations that the private radiology group violated New York’s Executive Law and General Business Law by failing to adequately protect...more
A bipartisan coalition of 33 AGs settled with health care clearinghouse Inmediata Health Group, LLC and an affiliated entity (collectively, Inmediata) to resolve allegations that Inmediata violated state consumer protection...more
Government regulators are seemingly as numerous as the stars nowadays, especially in the universe of data incidents. When organizations experience a data incident, they will need to quickly assess what happened, why it...more
The FTC and HHS Office of Civil Rights sent a joint letter to approximately 130 hospital systems and telehealth providers to warn them about the risks of unauthorized disclosure of personal health information (PHI) associated...more
Washington State and Nevada have now passed health data privacy laws that impose obligations relating to the collection, processing, and sharing of “consumer health data.” Both laws (collectively, State Health Data Privacy...more
On June 30, 2023, the Washington Attorney General (AG) published a series of Frequently Asked Questions (FAQs) related to the My Health My Data Act (MHMDA). As we discussed previously, the MHMDA will impose new requirements...more
The AGs of Oregon, New Jersey, Florida, and Pennsylvania settled with EyeMed Vision Care LLC to resolve allegations that the company violated state consumer protection and personal information protection laws, as well as the...more
New York Attorney General Letitia James announced on March 27, 2023 that she had levied a fine against law firm Heidell, Pittoni, Murphy & Bach LLP for failing to secure personal and health information of clients exposing the...more
On February 17, 2023, the state attorneys general of Pennsylvania and Ohio reached a settlement with Ohio-based DNA Diagnostics Center (“DDC”) for a 2021 data breach that affected 2.1 million individuals nationwide and...more
On January 24, New York Attorney General Letitia James announced a settlement with EyeMed Vision Care LLC based on shortcomings in the company’s data security procedures. The problems were discovered during the state’s...more
One of the challenging things about HIPAA (Health Insurance Portability and Accountability Act) enforcement is the fact that both the Office for Civil Rights and State AGs have jurisdiction to assess fines and penalties for...more
New Jersey Acting AG Andrew Bruck reached a settlement with healthcare provider Diamond Institute for Infertility and Menopause, LLC (“Diamond”) to resolve allegations stemming from a 2016 data breach that compromised the...more
The California AG recently reminded companies in the healthcare industry of potential data breach notification obligations beyond HIPAA. As ransomware attacks continue to rise, particularly in healthcare, companies should...more
Report on Patient Privacy 20, no. 12 (December 10, 2020) - In late September, Anthem Inc. entered into a $39.5 million settlement for a 2014 data breach that affected nearly 79 million individuals. About a week later,...more
Consumer-directed health apps are experiencing a boom thanks to COVID-19, as consumers seeking to avoid doctors’ office waiting rooms are increasingly relying on apps to measure and maintain their health. That trend is...more
HHS Targeted by Nation-State Hackers - Evil doers know that the best time to attack is during a crisis or a time of vulnerability. As the United States, and specifically, the Department of Health and Human Services (HHS)...more
Last week, Indiana based Medical Informatics Engineering, Inc. (MIE) agreed to pay $100,000 to the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR). MIE provides electronic health record and related...more