We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
In this episode of "Counsel That Cares," Public Policy & Regulation attorney John Vaughan, Healthcare attorney Dan Silverboard and Public Affairs Advisor Sarah Starling Crossan discuss the rapidly evolving landscape of...more
La Commissaire à l’information et à la protection de la vie privée de l’Ontario (la « CIPVP ») a publié un nouveau guide de gestion de la protection de la vie privée (le « Guide ») ayant pour but d’aider les petits organismes...more
In the context of a significant increase in data breaches and cyber-attacks impacting hospitals, the French Data Protection Authority (“CNIL”) has launched a series of investigations and issued several formal notices to...more
March 26, 2025, marked a pivotal moment in the EU with the European Health Data Space Regulation, (EU) 2025/327 (“EHDS Regulation”), coming into force. The EHDS represents a transformative initiative by the European Union...more
When was the last time you thought about “data on file” (“DOF”)? Probably not recently, but last week, the U.S. Food and Drug Administration (FDA) Office of Prescription Drug Promotion (OPDP) posted an untitled letter (the...more
With daily media reports citing to the explosion of interest in Artificial Intelligence (“AI”), AI start-ups have attracted a huge capital influx. During the last fiscal quarter of 2024 ending on December 31st, investors...more
On April 22, 2024, the Department of Health and Human Services (HHS) Office of Civil Rights (OCR) issued a Final Rule titled HIPAA Privacy Rule to Support Reproductive Health Care Privacy (Final Rule)....more
Let’s review for a moment. It’s not a HIPAA violation to be a victim of ransomware. It’s not a HIPAA violation to pay a ransom. It’s up to the covered entity (CE) to determine if a security or privacy incident is a...more
United Healthcare Group (UHG) CEO Andrew Witty was in a board meeting on Feb. 21 when officials interrupted with the news that Change Healthcare—a clearinghouse UHG subsidiary Optum had purchased for $1.3 billion in October...more
On January 1, California's Assembly Bill No. 352 (AB 352) went into effect, introducing significant changes to the handling and sharing of sensitive health information — particularly information related to reproductive health...more
With a couple of “firsts,” the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is signaling that it is cracking down on healthcare organizations that fail to identify and address cybersecurity...more
Online tracking technologies, such as pixels, have become a common feature of the modern web and app ecosystem. Pixels and other online tracking technologies may be configured to collect user data about website visits,...more
Report on Patient Privacy Volume 23, no 7 (July 2023) In two public talks this spring, Melanie Fontes Rainer, director of the HHS Office for Civil Rights (OCR), said completing the 2021 proposed regulation extensively...more
Background - On July 1, an amendment to the Florida Electronic Health Records Exchange Act (the Act) will go into effect. The Act focuses on information safety and sets forth stringent requirements that prohibit health...more
General and specialty compliance training from the comfort of your home or office! HCCA’s Regional Healthcare Compliance Conferences provide practitioners with virtual compliance training that includes updates on the...more
Recently, the Office of the National Coordinator for Health IT (ONC) issued a new series of helpful FAQs related to its information blocking regulations. The new FAQs cover a wide range of topics, including the content and...more
The California Attorney General ("AG") has issued guidance reminding health care providers of their duty to report health care data breaches and to comply with other state and federal data privacy laws....more
Monday, April 5th, marked the deadline for compliance with the information blocking regulations implemented by the Office of the National Coordinator for Health IT (ONC). As a follow-up to our earlier FAQs on these new...more
On April 5, 2021, covered actors, which include health care providers, certified health information technology developers, and health information networks and exchanges, will be prohibited from taking any action that is...more
The 21st Century Cures Act (Act) and a recently adopted final rule by the Office of the National Coordinator for Health Information Technology (ONC) in the U.S. Department of Health and Human Services will now prohibit...more
Data license agreements have been a hot ticket item of the digital health market and are here to stay. With the exponential growth in licensed data, including de-identified patient data, data license agreement litigation and...more
Our Virtual Regional Healthcare Compliance Conferences provide updates on the latest news in regulatory requirement, compliance enforcement, and strategies to develop effective compliance programs. Watch, listen, and ask...more
On March 9, 2020, two final rules on electronic health information were issued by the Office of National Coordinator for Health Information Technology (ONC) and the Centers for Medicare and Medicaid Services (CMS)....more
Every year, we remind our readers that the HIPAA data breach notification regulations require covered entities to notify the Office for Civil Rights (OCR) of any reportable data breaches that involved fewer than 500...more
This two-day Regional Compliance and Ethics Conferences provide attendees with a forum to interact with local compliance professionals, share information about your compliance successes and challenges, and create educational...more