Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
March 26, 2025, marked a pivotal moment in the EU with the European Health Data Space Regulation, (EU) 2025/327 (“EHDS Regulation”), coming into force. The EHDS represents a transformative initiative by the European Union...more
On February 8, 2024, the Department of Health and Human Services (HHS) posted a final rule that aims to align 42 CFR Part 2 (Part 2) — which protects certain substance abuse disorder (SUD) records — with the Health Insurance...more
As more and more states consider consumer privacy laws, the first-of-its kind My Health My Data Act (the Act) could be a harbinger of health and wellness compliance requirements to come. The ramifications of Washington...more
On January 1, California's Assembly Bill No. 352 (AB 352) went into effect, introducing significant changes to the handling and sharing of sensitive health information — particularly information related to reproductive health...more
You are the HIPAA privacy official of a hospital or health plan (a covered entity under HIPAA). You receive an email from a vendor that handles protected health information (a business associate), informing you that one month...more
Recent developments at the federal and state level demonstrate that regulators are focused on protecting consumer health data. Specifically, state and federal regulators want to close the gap between HIPAA-protected data and...more
In May 2023, the Florida Legislature amended the Florida Electronic Health Records Exchange Act to add a provision regarding the security and storage of patient information. It took effect on July 1, 2023. To ensure...more
Background - On July 1, an amendment to the Florida Electronic Health Records Exchange Act (the Act) will go into effect. The Act focuses on information safety and sets forth stringent requirements that prohibit health...more
There have been several recent governmental actions which highlight the balance between securing electronic patient information and the need for interoperability and appropriate exchange of such information. This article will...more
To say there’s been a lot of new privacy law in the last decade is an understatement. For those of us who think we’ve “seen it all,” many of these new laws arrive and elicit a sense of challenge (for the optimists) or mild...more
Health care providers subject to the Information Blocking rules issued under the 21st Century Cures Act, Pub.L. 114–255, are reminded that such Information Blocking rules will apply to an expanded set of information beginning...more
The FTC recently published two new resources for complying with the Health Breach Notification Rule. The Rule requires vendors of personal health records (PHR), PHR-related entities and service providers to these entities, to...more
The 21st Century Cures Act directed the National Coordinator to “develop or support a trusted exchange framework, including a common agreement among health information networks nationally.” Fulfilling that mandate, the Office...more
Recently, the Office of the National Coordinator for Health IT (ONC) issued a new series of helpful FAQs related to its information blocking regulations. The new FAQs cover a wide range of topics, including the content and...more
The Department of Health and Human Services (HHS) announced on April 2 that HHS is exercising its enforcement discretion to permit business associates to use and disclose protected health information (PHI) for public health...more
Data compliance in China’s health care industry is multifaceted and highly sensitive, and applies to numerous types of data generated across the continuum of care. Multiple pieces of legislation prescribe complex regulatory...more
Federal regulators are flexing their regulatory muscle to accelerate a long-desired but often elusive goal: the interoperability of health information technology (health IT) systems. Interoperability refers to the ability of...more
Atrium Health and its vendor AccuDoc Solutions have released a joint announcement this week that AccuDoc’s database of 2.6 million billing records of Atrium Health’s patients has been compromised by a hacking incident....more
Cyber-attacks on healthcare data are becoming increasingly common and costly and last week even CMS announced that it had suffered a data breach....more
On September 17, 2018, the federal Office of the National Coordinator for Health Information Technology (ONC) submitted proposed new rules to the Office of Management and Budget (OMB), entitled, “21st Century Cures Act:...more
There are arguments that there is a dearth of guidance by both the Office for Civil Rights (OCR) and Federal Trade Commission (FTC), so when guidance comes out, we listen. But the most recent guidance jointly issued by the...more
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued a new guidance regarding HIPAA compliance and the use of cloud computing solutions. The guidance is intended to assist covered entities...more
On July 19, 2016, the ONC submitted a report to Congress which suggests that health privacy regulations soon may be revised to catch up with the universe of mHealth technologies that now use and share personal health data....more
On September 2, the Department of Health and Human Services Office of Civil Rights (OCR) announced a settlement with Cancer Care Group, P.C., a thirteen-physician oncology practice in Indiana related to violations of the...more
On September 2, 2015, the U.S. Department of Health & Human Services (HHS) announced that Cancer Care Group, P.C. (CCG), a physician practice located in Indiana, agreed to pay $750,000 as part of a settlement to resolve...more