We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
In the past several weeks, the U.S. Department of Health and Human Services ("HHS"), Office for Civil Rights ("OCR") has announced settlements with three health care organizations — Comstar, LLC ("Comstar"); Guam Memorial...more
Health care organizations are under pressure to shore up their cybersecurity response efforts. Much of this pressure is coming from the US Department of Health and Human Services Office for Civil Rights (OCR), which has made...more
In the first five months of 2025, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced it had entered into ten Health Insurance Portability and Accountability Act (HIPAA) resolution...more
Following the Office for Civil Rights (OCR) recent publication of four settlements as part of a new Risk Analysis Audit Initiative. We explore the current regulatory language for Risk Analysis, the proposed language for Risk...more
The New York Attorney General recently entered into an assurance of discontinuance with Root Insurance Company following a 2021 data incident. According to the AG, the threat actors obtained people’s drivers’ license numbers...more
Background - On March 21, 2025, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) announced a settlement with Health Fitness Corporation (“Health Fitness”), a company that provides wellness...more
Arecent report put the odds of an asteroid hitting the earth in December 2032 at 3.1%—which is 3,100 times more likely than an organization resolving an enforcement action with the U.S. Department of Health and Human...more
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) appears to have made cybersecurity its New Year’s resolution. The first few weeks of 2025 have already brought with them proposed amendments to...more
Connecticut Attorney General William Tong announced on October 21, 2024, that his office has settled a data breach case against Guardian Analytics, Inc. for $500,000. The data breach affected the personal information of...more
Close on the heels of its Consent Decrees with TracFone and AT&T, on September 27, 2024, the Enforcement Bureau of the Federal Communications Commission (FCC) announced that it reached a Consent Decree with T-Mobile US, Inc....more
Although the HHS Office for Civil Rights (OCR) described its recent $4.75 million agreement with a Bronx, New York, hospital as settling a “malicious insider cybersecurity investigation,” the agency considered a total of 11...more
Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more
Designed for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy is ideal for practitioners who want a deeper understanding of effective compliance management in a...more
Cybersecurity is a top concern for all industries, particularly for the pharmaceutical and medical device industries. These industries hold some of the most sensitive data and highly valuable technology, making them prime...more
Cybersecurity risk applies to businesses of all sizes and across all industries – it is a risk that cannot be ignored. In particular, cybersecurity risk can no longer be ignored in the deal lifecycle...more
Our Virtual Regional Healthcare Compliance Conferences provide updates on the latest news in regulatory requirement, compliance enforcement, and strategies to develop effective compliance programs. Watch, listen, and ask...more
Consistent with its increasing activity in the cybersecurity enforcement space, in March 2021, the NYDFS issued its first penalty under the Cybersecurity Regulation. This client alert explores the settlement and offers...more
On March 3, 2021, the New York State Department of Financial Services (NYDFS) announced a settlement with Residential Mortgage Services, Inc. (RMS) for $1.5 million in connection with its violation of the NYDFS Cybersecurity...more
Dive into a broad spectrum of topics affecting healthcare organizations. Explore the latest laws, regulations, and developments to help you effectively manage your organization’s privacy compliance program. Our Academies are...more
This two-day Regional Compliance and Ethics Conferences provide attendees with a forum to interact with local compliance professionals, share information about your compliance successes and challenges, and create educational...more
Since the first enforcement actions have been initiated, some with significant fines, many companies may find themselves somewhat at a loss as they may not fully know how to assess the risks involved and how to react should...more
The Office for Civil Rights (OCR) announced on October 23, 2019, that Jackson Health System (“Jackson”), a not for profit hospital system comprised of six hospitals, urgent care centers, nursing facilities and primary care...more
July 2019 brought an escalation in the enforcement of privacy infringements by companies around the world. The trend began with a press release published on July 8, 2019, of a fine in the approximate amount of GBP 183 million...more
Last week, the New York State Senate, at the request of the state attorney general, passed the “Stop Hacks and Improve Electronic Data Security Act” (the “Shield” Act). The bill is currently working its way through the New...more
On October 16, 2018, the Securities and Exchange Commission (SEC) issued a Report of Investigation (Report) detailing an investigation by the SEC’s Enforcement Division into the internal accounting controls of nine issuers...more