Compliance Tip of the Day: Crowd Sourcing Risk Intelligence
AI in eDiscovery Today: An Open Conversation
Tenant Tales and Reseller Realities: Inside the FCRA Arena With Eric Ellman — FCRA Focus Podcast
Early Returns Podcast - Oliver Roberts: AI and the Law, and an Education
Driven by Data: Auto Finance Trends Uncovered - Moving the Metal: The Auto Finance Podcast
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
Innovations in Compliance: Data Collection & Cybersecurity with ModeOne’s Matt Rasmussen and Ryan Frye
Early Days of the Trump Administration: Impact on the CFPB — The Consumer Finance Podcast
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
Innovation in Second Requests: Data is Your Greatest Asset
Podcast: How Delaying Third Party Discovery Can End Up Costing You Dearly
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
The Presumption of Innocence Podcast: Episode 48 - Digital Boundaries: Fourth Amendment Protections in a Connected World
eDiscovery Needs Digital Forensics for a Mobile World
A Sneak Peek into Data Mapping: What Implementation Really Looks Like
It's Time to Think About Data Mapping Differently
EEO-1 Filing After June 4: What to Do Now, and How to Prepare for Next Year - Employment Law This Week®
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
On June 6, 2025, the United States District Court for the Northern District of California dismissed a number of claims being brought against Google related to its alleged improper collection of health-related data though...more
At a time where personal fitness devices track everything from heart rate to sleep quality, employers are increasingly integrating wearable technology — like Fitbits, Apple Watches, and Oura Rings — into their corporate...more
Employers' access to, and retention of, employee medical information can be fraught with legal risk. Even the most seasoned HR professionals have trouble navigating the complex rules and regulations governing employee medical...more
In May 2025, Montana enacted Senate Bill 163 (SB 163), amending that state’s Genetic Information Privacy Act (MGIPA) to include protections for neurotechnology data—namely, data collected from the activity of the central or...more
Amazon faces allegations of unauthorized data collection in violation of federal and state privacy laws, including a first-of-its-kind claim under Washington’s My Health My Data Act (“MHMDA”). The MHMDA restricts businesses...more
On February 10, 2025, a Washington state resident filed a lawsuit on behalf of herself and similarly situated individuals against Amazon under the Washington My Health My Data Act (MHMD). This is the first lawsuit brought...more
New York State appears poised to become the fourth state to explicitly regulate consumer health data not covered by the federal Health Insurance Portability and Accountability Act (HIPAA)....more
On January 22, 2025, the New York State Assembly and Senate rapidly passed the wide-ranging New York Health Information Privacy Act (“NY HIPA”). If not vetoed by Governor Kathy Hochul, NY HIPA would be the fourth enacted...more
Last week, the New York legislature passed the New York Health Information Privacy Act (S 929) (the “Act”). If signed into law, the Act will add New York to the list of states that have enacted consumer health data-specific...more
On April 26, the US Department of Health and Human Services Office for Civil Rights (OCR) published a Final Rule that adds protections under the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule...more
On April 7, 2024, a draft of the American Privacy Rights Act was introduced. Bringing forth this bipartisan-supported bill represents a significant step toward privacy regulation in the United States. The proposed act brings...more
Washington’s My Health My Data Act (MHMDA) was enacted in an effort to close a perceived gap in privacy protection for consumer health data. MHMDA’s focus on consumer health data and right of private action deviate from...more
On January 8, 2024, New Jersey’s State Legislature passed the Disclosure and Accountability Transparency Act (the “Data Act”). Following Governor’s signature within 45 days, the Data Act would take effect one (1) year after...more
With the flurry of new consumer privacy laws enacted in states across the country, it is vital for healthcare companies that are not regulated under HIPAA to remain informed of this changing landscape in order to plan and...more
On November 30, the Illinois Supreme Court unanimously ruled that the Biometric Information Privacy Act (BIPA) does not apply to health care workers whose fingerprints are collected, stored, and used to access medication and...more
...Innovation in connected medical devices is critical to advances in health care outcomes, user experience, and reducing costs. These exciting technologies also can be challenging when it comes to navigating the complex...more
On November 30, 2023, the Illinois Supreme Court unanimously held in Mosby et al. v. The Ingalls Memorial Hospital et al. that when biometrics of healthcare employees are collected in the course of providing medical services,...more
Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more
Adding to the growing trend of policymakers interested in regulating health and wellness data, last week U.S. Senator Bill Cassidy requested stakeholder feedback to help identify solutions to modernize HIPAA and ensure all...more
The FTC and OCR at HHS are continuing to scrutinize the use of tracking technologies that may reveal information about a person’s health or health status. Both agencies recently sent a letter to a reported 130 hospitals and...more
Texas Governor Greg Abbott signed into law the Texas Data Privacy and Security Act (TDPSA) on June 18, 2023. With the passage of TDPSA, Texas becomes the tenth state to adopt a consumer data privacy law. TDPSA passed the...more
In late April, Washington's governor signed the My Health My Data Act, or MHMD, into law. The law, which goes into effect next year, aims to regulate the vast amount of health-related data processing that takes place...more
Washington state’s My Health, My Data Act (the Act), signed into law in April 2023, is a broad health data privacy law designed to protect consumer health data that falls outside the scope of HIPAA, such as health-related...more
The Tennessee governor has signed Tennessee’s comprehensive privacy law, which as we have indicated will go into effect July 1, 2025. As initially proposed, the law would have been effective July 1, 2024, and would have...more
Tennessee has joined the growing number of states that have enacted comprehensive data privacy laws. On the final day of this year’s legislative session, the Tennessee legislature passed the Tennessee Information Protection...more