On June 22, 2025, Texas became the latest state to enact comprehensive AI legislation with a uniquely Texan twist through the passage of the Texas Responsible Artificial Intelligence Governance Act....more
In the first five months of 2025, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced it had entered into ten Health Insurance Portability and Accountability Act (HIPAA) resolution...more
5/21/2025
/ Business Associates ,
Covered Entities ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Security Rule ,
HIPAA Violations ,
OCR ,
Penalties ,
Risk Assessment ,
Risk Management ,
Settlement Agreements
Virginia Governor Glenn Youngkin has vetoed House Bill (HB) No. 2094, a bill that would have created a new regulatory framework for businesses that develop or use “high-risk” artificial intelligence (AI) systems in the...more
The Federal Bureau of Investigation (FBI) recently warned employers of increasing security risks from North Korean workers infiltrating U.S. companies by obtaining remote jobs to steal proprietary information and extort money...more
3/21/2025
/ California Consumer Privacy Act (CCPA) ,
Cybersecurity ,
Data Protection ,
Data Security ,
Department of Homeland Security (DHS) ,
European Economic Area (EEA) ,
Extortion ,
FBI ,
General Data Protection Regulation (GDPR) ,
Hackers ,
North Korea ,
Popular ,
Remote Working ,
Risk Management
Virginia has taken a step closer to becoming the second state (after Colorado) to enact comprehensive legislation addressing discrimination stemming from the use of artificial intelligence (AI), with the states taking...more
The U.S. Department of Health and Human Services (HHS) recently released a proposed rule to better protect electronic health data from cybersecurity threats. The proposed rule would apply to health plans, healthcare...more
The Consumer Financial Protection Bureau (CFPB) recently issued guidance that takes an aggressive position regarding the scope of the Fair Credit Reporting Act (FCRA) as covering certain employee monitoring and assessment...more
11/6/2024
/ Algorithms ,
Artificial Intelligence ,
Consumer Financial Protection Bureau (CFPB) ,
Consumer Reporting Agencies ,
Data Collection ,
Employee Monitoring ,
Fair Credit Reporting Act (FCRA) ,
New Guidance ,
Risk Management ,
Screening Procedures ,
Third-Party Service Provider
On February 14, 2024, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) published a new, final version of their guidance for...more
2/26/2024
/ Biden Administration ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Final Guidance ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Security Rule ,
NIST ,
OCR ,
Popular ,
Risk Assessment ,
Risk Management
On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) finalized new rules that mandate public companies to disclose material cybersecurity incidents and provide annual updates on their cybersecurity risk...more