Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
The Trend of Threatening Physicians for Personal Gain
Navigating Legal Strategies for Covering GLP-1s in Self-Insured Medical Plans — Employee Benefits and Executive Compensation Podcast
Podcast: Addressing Patient Complaints About Privacy Violations
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
Top Healthcare Compliance Priorities for 2025
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
Building a Solid HR Foundation in Healthcare Practices
New Developments in Health Information Policy
New HIPAA Final Rule: Key Changes to Reproductive Health Care Privacy - Thought Leaders in Health Law®
Healthcare Document Retention
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 192: Business Issues for Healthcare with Ira Bedenbaugh and Randi Branham of Elliott Davis
Business Better Podcast Episode: Cyber Adviser – Your Data, My Headache: Consumer Health Data Laws
Conducting Healthcare Compliance Investigations
The FTC's Health Privacy Enforcement Actions
Web-based Tracking Technology and AI: HIPAA Compliance Issues for Health Care Practices
Podcast: Discussing the Implications of Healthcare Privacy Violations
Podcast: Keeping an Eye on HIPAA Trends with Shannon Hartsfield
Podcast - Artificial Intelligence in Healthcare and How to Comply with HIPAA & State Privacy Laws
Meeting Cancer Reporting Requirements
Please visit here to visit our Mintz Matrix page with the latest edition of the Mintz Matrix, which is a 50-state resource we have maintained since 2009 to break down and summarize requirements of U.S. state data breach...more
Data breaches come in many different forms, sizes, and levels of complexity, but they tend to share certain key facts: A third-party bad actor—whether through a phishing attack, a ransomware attack, exploitation of a zero-day...more
The law can be funny. Not in a comedic way, but in a way that defies expectations about what is needed to bring a cause of action. Sometimes this is manifested in the quantum of evidence needed to bring an action and survive...more
HIPAA-covered entities must notify the U.S. Department of Health and Human Services Office for Civil Rights (OCR) of "small" breaches of unsecured protected health information that were discovered during calendar-year 2022 no...more
For the first time ever, the Federal Trade Commission (FTC) is seeking enforcement under the Health Breach Notification Rule. This regulation requires certain businesses not covered by the Health Insurance Portability and...more
Designed for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy is ideal for practitioners who want a deeper understanding of effective compliance management in a...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
When can a data breach get worse? When the process of notifying victims creates a second breach. Take the example of a cancer treatment center that recently paid $425,000 to settle allegations that included a faulty...more
The California Consumer Privacy Act (CCPA), considered one of the most expansive U.S. privacy laws to date, went into effect on January 1, 2020. The CCPA placed significant limitations on the collection and sale of a...more
On October 1, 2021, two Acts overhauling data privacy and cybersecurity in Connecticut took effect—the latest instance of stronger state breach reporting requirements with a safe harbor protection from litigation for...more
Our Virtual Regional Healthcare Compliance Conferences provide updates on the latest news in regulatory requirement, compliance enforcement, and strategies to develop effective compliance programs. Watch, listen, and ask...more
In an aggressive expansion of its security and privacy enforcement programs, on September 15, 2021, the FTC issued what it characterized as a “Policy Statement” reinterpreting an old rule about personal health records....more
The world continues to struggle with the impacts of the COVID-19 pandemic, and pressures mount on health care organizations to properly share personal health information. While resources abound on how federal rules such as...more
On June 16, and then on July 6, 2021, Connecticut Governor Ned Lamont signed into law a pair of bills that together address privacy and cybersecurity in the state....more
Each Academy provides three-and-a-half days of classroom-style training covering the latest laws, regulations, and developments to help you effectively manage your organization’s compliance program. They are ideal for...more
With 2021 underway, covered entities should be mindful of the annual Health Insurance Portability and Accountability Act (HIPAA) small breach reporting deadline. HIPAA requires covered entities to report breaches of unsecured...more
Dive into a broad spectrum of topics affecting healthcare organizations. Explore the latest laws, regulations, and developments to help you effectively manage your organization’s privacy compliance program. Our Academies are...more
On September 23, 2020, the Office for Civil Rights (OCR) within the U.S. Department of Health and Human Services (HHS) announced that CHSPSC LLC, (CHSPSC) agreed to pay $2,300,000 and adopt a Corrective Action Plan (CAP) to...more
Today the Office of Civil Rights (OCR) at the U.S. Department of Health and Human Resources announced that a Georgia orthopedic clinic agreed to pay $1.5 million and adopt a two-year corrective action plan to settle potential...more
On August 20, 2020, former Uber Chief Security Officer Joe Sullivan was charged with obstruction of justice and misprision of a felony for knowingly concealing a hack of Uber in 2016. Based on Sullivan’s complaint,...more
In a ruling that could have broad ramifications for health data sharing, a federal judge has ruled that a patient complaining about a hospital sharing his health data without permission lacked standing because he suffered no...more
A recent decision in Indiana highlights the data security liability risks facing employers based on the actions of their employees, extending vicarious liability even to cases where the employees were acting wholly for...more