Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
Nearly six years to the day that Warby Parker reported a breach affecting nearly 200,000 individuals, the HHS Office for Civil Rights (OCR) imposed a $1.5 million fine on the eyewear giant. Investigated by OCR under the Biden...more
On April 22, 2024, the Health and Human Services’ Office for Civil Rights (OCR) issued the HIPAA Privacy Rule to Support Reproductive Health Care Privacy Final Rule. The final rule limits the sharing of protected health...more
On December 27, 2024, the U.S. Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), announced a Notice of Proposed Rulemaking (NPRM) to amend the Security Standards for the Protection of...more
On December 17, 2024, the US Department of Health and Human Services (HHS) Assistant Secretary for Technology Policy/Office of the National Coordinator for Health Information Technology (ASTP) published the Health Data,...more
For more than 20 years, the HIPAA Security Rule has been virtually unchanged other than extending its scope beyond covered entities to also include business associates. During that time, technology has changed, cybersecurity...more
In December 2024, the Assistant Secretary for Technology Policy/Office of the National Coordinator for Health Information Technology (“ASTP/ONC”) within the U.S. Department of Health and Human Services (“HHS”) published two...more
In 2024, the U.S. Department of Health and Human Services Office of Civil Rights (“OCR”) Director Melanie Fontes Rainer announced that OCR will resume auditing Health Information Portability and Accountability Act (“HIPAA”)...more
Let’s review for a moment. It’s not a HIPAA violation to be a victim of ransomware. It’s not a HIPAA violation to pay a ransom. It’s up to the covered entity (CE) to determine if a security or privacy incident is a...more
The HHS Office for Civil Rights (OCR) has abandoned its appeal of a federal judge’s ruling overturning OCR’s guidance prohibiting covered entities (CEs) and business associates (BAs) from using the web-tracking technologies...more
Cyberattacks and data incidents are rapidly increasing, and third-party services companies are a frequent source of exposure for healthcare providers. Healthcare is a prime target for cybercriminals, with ransomware and...more
Healthcare organizations continue to be prime targets of cyberattacks. It is well-established that cyberattacks can lead to financial loss, reputational damage, and, in some cases, risks to patient care and safety. The recent...more
As previously reported in this blog, on Dec. 6, 2023, the Department of Health and Human Services (HHS or the Department) released a “concept paper,” which laid out its vision of future action regarding healthcare...more
The HHS Office for Civil Rights (OCR) and other government agencies aren’t just worried that providers understand—and mitigate—the privacy and security risks of telehealth. In fact, in 2022, the Government Accountability...more
Report on Patient Privacy 23, no. 11 (November, 2023) Tim DiBona clearly remembers Christmas Eve 2018 when the staff of his small firm—Doctors’ Management Service (DMS)—arrived at their West Bridgewater, Mass., office to...more
Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more
Report on Patient Privacy 23, no. 10 (October, 2023) By 2016, it should have been clear to HIPAA covered entities that a security risk analysis—and corresponding risk management plan—were compliance basics. Yet, a new...more
Learning Objectives - Discover the 10 recommended cybersecurity practices from HICP - Understand how the existing resources in place - Ensuring proper compliance between 405(d) and HIPAA regulations...more
The start of 2023 has brought with it significant changes to data privacy – new state laws concerning data privacy came into effect January 1 (the California Privacy Rights Act and the Virginia Consumer Data Protection Act),...more
General and specialty compliance training from the comfort of your home or office! HCCA’s Regional Healthcare Compliance Conferences provide practitioners with virtual compliance training that includes updates on the...more
Get the latest updates on government initiatives related to physicians and clinics - HCCA’s Clinical Practice Compliance Conference provides insights, updates, and strategies that are pertinent to developing and managing...more
Report on Patient Privacy 21, no. 3 (March 2021) - Sometime during the fall, a worker for a subcontractor of Humana Inc. decided to share actual member information from medical records via a Google document with people he...more
Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more
Irrespective of your industry, the current COVID-19 pandemic poses a new and unique challenge to organizations, their employees, and their customers. The emergence of COVID-19 has prompted organizations to collect and process...more
For the second year in a row, Foley & Lardner LLP and PYA hosted a compliance master class on various health-related compliance issues. “Let’s Talk Compliance” is an annual one-day event featuring a panel of presenters that...more
This two-day Regional Compliance and Ethics Conferences provide attendees with a forum to interact with local compliance professionals, share information about your compliance successes and challenges, and create educational...more