No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
Lawyers Beware: There Could Be Serious Ethics Issues With The New AI Browsers
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
10 For 10: Top Compliance Stories For the Week Ending July 19, 2025
SkadBytes Podcast | Tech’s Shifting Landscape: Five Trends Shaping the Conversation
Hospice Insights Podcast - AI in Action: Exploring How AI Is Helping Hospices Do Things in New Ways
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
#Risk New York Speaker Series – Exploring Future Regulatory Trends and Compliance Strategies with Rory McGrath
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
#Risk New York Speaker Series – Inside Behavioral Insights: Tom Hardin on Compliance at #RiskNYC
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Rethinking Records Retention
#Risk New York Speaker Series: The Future of AI Governance in GRC with Matt Kelly
Health care remains one of the most targeted and vulnerable sectors when it comes to cyberattacks. In fact, a recent breach at a major health care analytics firm exposed the data of 5.4 million U.S. patients, making it one of...more
The Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act, and the regulations promulgated thereunder (collectively “HIPAA”) is a...more
Unlike other sectors, US healthcare businesses must reconcile cost-saving strategies with stringent compliance obligations, especially when patient data crosses national borders or is accessed overseas....more
For AI companies in the health care space, data is everything. It fuels model performance, drives product differentiation, and can make or break scalability. Yet too often, data rights are vaguely defined or completely...more
When it comes to safeguarding health data, the Health Insurance Portability and Accountability Act (HIPAA) is paramount. HIPAA’s extensive reach encompasses nearly all healthcare providers and all health plans, affecting just...more
Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: Virginia Governor Signs Bill Restricting Minor’s Use of Social Media:...more
Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. ...more
On March 15, Kentucky passed HB 473 (the “bill”), which amends the Kentucky Consumer Data Protection Act (the “Act”), whose passage was previously covered by InfoBytes and goes into effect on January 1, 2026. The bill creates...more
Cyberattacks remain one of the most serious threats facing the healthcare industry. Healthcare providers and their vendors handle sensitive and valuable health data, making them prime targets for cybercriminals....more
On Jan. 6, 2025, the U.S. Department of Health and Human Services (HHS) proposed new regulations to enhance cybersecurity protections for electronic protected health information (ePHI) under the Health Insurance Portability...more
A HIPAA compliance assessment is an evaluation of an organization's practices, policies, and procedures to ensure that they align with requirements from the Health Insurance Portability and Accountability Act (“HIPAA”). It...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
Amazon faces allegations of unauthorized data collection in violation of federal and state privacy laws, including a first-of-its-kind claim under Washington’s My Health My Data Act (“MHMDA”). The MHMDA restricts businesses...more
Nearly six years to the day that Warby Parker reported a breach affecting nearly 200,000 individuals, the HHS Office for Civil Rights (OCR) imposed a $1.5 million fine on the eyewear giant. Investigated by OCR under the Biden...more
As the legislative season continues, some states, like Georgia and Oklahoma, have continued to progress in the efforts to establish a comprehensive data privacy law while others, such as Alabama, Illinois, and Massachusetts,...more
The New York State legislature passed the Health Information Privacy Act (“NYHIPA”) on January 22, 2025, marking the second state to introduce a comprehensive consumer health data law. If passed, the NYHIPA imposes more...more
In February, a coalition of healthcare organizations sent a letter to President Donald J. Trump and the U.S. Department of Health and Human Services (HHS) (the Letter), urging the immediate rescission of a proposed update to...more
Please visit here to visit our Mintz Matrix page with the latest edition of the Mintz Matrix, which is a 50-state resource we have maintained since 2009 to break down and summarize requirements of U.S. state data breach...more
In late December 2024, the Office of Civil Rights at the U.S. Department of Health and Human Services (“OCR”) issued a notice of proposed rulemaking to modify the Security Standards to the Protection of Electronic Protected...more
In this week’s installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we are exploring the justifications...more
If enacted, the New York Health Information Privacy Act (“NYHIPA”) will be the latest in a series of state privacy laws that regulate health data outside of the traditional health care context. It would follow the passage of...more
In this week’s installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we are exploring the proposed updates...more
New York State appears poised to become the fourth state to explicitly regulate consumer health data not covered by the federal Health Insurance Portability and Accountability Act (HIPAA)....more
Employee security awareness training is a best practice and a “reasonable safeguard” for protecting the privacy and security of an organization’s sensitive data. The list of data privacy and cybersecurity laws mandating...more
On January 6, 2025, the Biden Administration issued a new proposed rule updating the HIPAA Security Standards ( “Proposed Rule”). The original HIPAA Security Standards were issued in 2003 and updated in 2013 and require that...more