News & Analysis as of

Compliance Ransomware

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +
Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations.  In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -
Health Care Compliance Association (HCCA)

Federal Judge in Change Class Actions Juggling 90 Cases, Found ‘Misconduct’ by UnitedHealth

Health Care Compliance Association (HCCA) on

In the 18 months since the Change Healthcare breach occurred, class action suits—filed by both patients and providers—continue to multiply, with no resolution yet in sight. In fact, in late June, the Minnesota judge presiding...more

Ankura

HIPAA Security Risk Analysis – How should regulated entities prepare for the Office for Civil Rights (OCR) Risk Analysis Audit...

Ankura on

Following the Office for Civil Rights (OCR) recent publication of four settlements as part of a new Risk Analysis Audit Initiative. We explore the current regulatory language for Risk Analysis, the proposed language for Risk...more

Axinn, Veltrop & Harkrider LLP

Axinn Associates at the Spring Meeting: Considerations on Data Privacy and AI Usage for Healthcare Companies

Axinn, Veltrop & Harkrider LLP on

The February 2024 ransomware attack on Change Healthcare was the largest healthcare data breach in U.S. history. The attack disrupted operations—impacting patient care and provider finances—and potentially exposed the...more

NAVEX

Business resiliency needs to take centerstage if you want to keep pace with cyber threats and supply chain disruptions

NAVEX on

2024 was a year of numerous and notable cybersecurity failures – although, to be fair, most years are now marred by numerous and notable cybersecurity failures. That’s no longer anything special. What makes 2024 interesting...more

HaystackID

Rising Cyber Threats in Europe’s Financial Sector: An ENISA Overview

HaystackID on

Between January 2023 and June 2024, cyber threats targeting Europe’s financial sector escalated, posing risks to banks, financial service providers, and regulatory bodies. According to the ENISA Threat Landscape: Finance...more

Robinson+Cole Data Privacy + Security Insider

Joint Cybersecurity Advisory Released on Ghost (Cring) Ransomware

Robinson+Cole Data Privacy + Security Insider on

The Cybersecurity & Infrastructure Security Agency, the Federal Bureau of Investigation, and the Multi-State Information Sharing and Analysis Center released an advisory on February 19, 2025, providing information on Ghost...more

Foley & Lardner LLP

Cybersecurity Executive Order—Key Implications for the Manufacturing Industry

Foley & Lardner LLP on

On January 16, 2025, President Joe Biden issued the “Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity,” a comprehensive directive designed to address the growing complexity and...more

Health Care Compliance Association (HCCA)

With Nod to OCR, Indiana Inks $350K Deal With Dental Firm Following Hack

Health Care Compliance Association (HCCA) on

Recent federal enforcement actions have brought home the lesson that there’s really no acceptable reason for denying a patient timely access to medical records. Last year, for example, the HHS Office for Civil Rights (OCR)...more

Hogan Lovells

Slew of OCR activity underscores agency’s focus on security and AI

Hogan Lovells on

Recent enforcement actions, audit activity, proposed rulemakings, and guidance issued by the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) highlight the agency’s focus on health data...more

Jackson Lewis P.C.

FAQs for Schools and Persons Affected By the PowerSchool Data Breach

Jackson Lewis P.C. on

A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more

American Conference Institute (ACI)

[Event] 2nd National Conference on Cybersecurity Law & Compliance - January 29th - 30th, Arlington, VA

American Conference Institute (ACI) on

Cyberattacks are affecting every company and sector. Meanwhile, the regulatory landscape is intensifying as the SEC continues to enforce the cyber-risk management disclosure rules. Every day presents a new compliance and...more

Robinson+Cole Data Privacy + Security Insider

A Year in Privacy and Security: Privacy Violations, Large-Scale Data Breaches, and Big Fines and Settlements

Robinson+Cole Data Privacy + Security Insider on

2024 was a year chock-full of data breaches and privacy violations. Many new data privacy and cybersecurity regulations were introduced (and became effective), and regulators sent a strong message to businesses that privacy...more

Mintz - Health Care Viewpoints

OCR Proposes Sweeping HIPAA Security Rule Amendments

Mintz - Health Care Viewpoints on

Last fall at the Safeguarding Health Information: Building Assurance Through HIPAA Security 2024 conference, U.S. Department of Health & Human Services Office for Civil Rights (OCR) promised that before year’s end, it would...more

Paul Hastings LLP

SEC Cybersecurity Incident Disclosure Report

Paul Hastings LLP on

Paul Hastings released its SEC Cyber Incident Disclosure Report today, providing a unique look at how public companies have responded to new incident disclosure requirements. The Securities Exchange Commission (SEC) approved...more

Lippes Mathias LLP

Hospital Administrators – Is Your Hospital Cyber-Secure?

Lippes Mathias LLP on

On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more

Health Care Compliance Association (HCCA)

Privacy Briefs: November 2024

Health Care Compliance Association (HCCA) on

Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more

Winstead PC

HIPAA Gets a Potential Counterpart in HISAA

Winstead PC on

Americans hear about cybersecurity incidents on a frequent basis. As the adage goes, it is not a matter of “if” a breach or security hack occurs; it is a matter of “when.”...more

Dentons

Ep. 38 – Halloween Special: Compliance Nightmares

Dentons on

In healthcare, compliance issues can quickly escalate into compliance nightmares, with serious implications for patient safety, legal liability, and an organization’s reputation. Among the most common compliance nightmares...more

Holland & Knight LLP

Safeguarding Health Information: Takeaways from HHS and NIST 2024 HIPAA Security Conference

Holland & Knight LLP on

President Ronald Reagan famously quipped, "I think you all know that I've always felt that the nine most terrifying words in the English language are: I'm from the Government, and I'm here to help."1 At an Oct. 23-24, 2024,...more

Williams Mullen

Ransomware Hat Trick: OCR Scores Three Major Enforcement Actions in 2024

Williams Mullen on

Ransomware attacks are a growing threat in the health care sector due to the value of personal health information (PHI). In addition to being expensive, these attacks can cripple health care operations, delay patient care,...more

Holland & Hart LLP

OCR Provides Guidance to the Healthcare Industry to Combat Ransomware Attacks

Holland & Hart LLP on

In the spirit of National Cybersecurity Awareness Month, the Office of Civil Rights (“OCR”) released a new video on October 17, 2024, to promote awareness on ransomware trends in the healthcare industry and how HIPAA subject...more

Health Care Compliance Association (HCCA)

2nd Settlement Triggered by 2017 Ransomware Attack Costs WA Practice $100K; ‘Not a Breach’

Health Care Compliance Association (HCCA) on

Let’s review for a moment. It’s not a HIPAA violation to be a victim of ransomware. It’s not a HIPAA violation to pay a ransom. It’s up to the covered entity (CE) to determine if a security or privacy incident is a...more

Ankura

Navigating the Fallout: Essential Insights for Healthcare Companies in Light of the Change Healthcare Cyber Breach

Ankura on

The cyber breach at Change Healthcare in 2024 stands out as one of the most significant cyber-attacks in recent memory. Its repercussions extend far beyond immediate industry disruptions, resonating deeply in regulatory...more

Health Care Compliance Association (HCCA)

[Event] Regional Healthcare Compliance Conference - October 11th, Denver, CO

Health Care Compliance Association (HCCA) on

Looking for compliance education and networking in your area? HCCA’s Regional Healthcare Compliance Conferences offer practitioners convenient, local compliance education on a wide variety of current and emerging topics...more

Health Care Compliance Association (HCCA)

Privacy Briefs: September 2024

Health Care Compliance Association (HCCA) on

The HHS Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying 946,801 people whose protected health information or other personally identifiable information...more

102 Results
 / 
View per page
Page: of 5
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide