On May 12, 2025, Matthew Galeotti, the Head of the Criminal Division of the Department of Justice (“DOJ”), announced changes to DOJ’s white collar enforcement priorities and corporate cooperation policy. During a speech on...more
Last month, the Federal Trade Commission (“FTC”) announced its first-ever enforcement action under the Health Breach Notification Rule (“HBNR” or “the Rule”). In a complaint filed in February, the agency alleged that GoodRx...more
On June 24, 2022, the New York Department of Financial Services (“DFS”) announced a cybersecurity settlement with Carnival Corporation d/b/a Carnival Cruise Line, Princess Cruise Lines, Holland America Line, Seabourn Cruise...more
From the rise in ransomware attacks to inadvertent disclosure of information by subcontractors, the health services industry is reminded that a potential consequence of a data breach is the threat of a regulatory enforcement...more
4/26/2016
/ Business Associates ,
Covered Entities ,
Cyber Attacks ,
Data Breach ,
Data Security ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Hospitals ,
OCR ,
PHI ,
Ransomware ,
Subcontractors
In a significant development, the FTC announced today that LifeLock, the identity theft protection company, has agreed to settle the FTC contempt charges against it for $100 million. This is the largest monetary award the...more
In a test of the Federal Trade Commission’s authority to police cybersecurity, the Third Circuit Court of Appeals yesterday ruled that the agency has broad power to take action against private sector companies which fail to...more