Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
The Trend of Threatening Physicians for Personal Gain
Navigating Legal Strategies for Covering GLP-1s in Self-Insured Medical Plans — Employee Benefits and Executive Compensation Podcast
Podcast: Addressing Patient Complaints About Privacy Violations
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
Top Healthcare Compliance Priorities for 2025
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
Building a Solid HR Foundation in Healthcare Practices
New Developments in Health Information Policy
New HIPAA Final Rule: Key Changes to Reproductive Health Care Privacy - Thought Leaders in Health Law®
Healthcare Document Retention
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 192: Business Issues for Healthcare with Ira Bedenbaugh and Randi Branham of Elliott Davis
Business Better Podcast Episode: Cyber Adviser – Your Data, My Headache: Consumer Health Data Laws
Conducting Healthcare Compliance Investigations
The FTC's Health Privacy Enforcement Actions
Web-based Tracking Technology and AI: HIPAA Compliance Issues for Health Care Practices
Podcast: Discussing the Implications of Healthcare Privacy Violations
Podcast: Keeping an Eye on HIPAA Trends with Shannon Hartsfield
Podcast - Artificial Intelligence in Healthcare and How to Comply with HIPAA & State Privacy Laws
Meeting Cancer Reporting Requirements
Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: Texas Limits Punitive Damage Liability For Data Security Breach...more
Pennsylvania-based Chord Specialty Dental Partners is under fire after a September 2024 data breach compromised the personal information of over 173,000 individuals. At least seven proposed class action lawsuits have been...more
In October, the HHS Office for Civil Rights (OCR) fined Providence Medical Institute (PMI) $240,000, an amount that reflected a 20% discount for having “recognized security practices” (RSPs) in place. But many more covered...more
In late March 2025, the Florida Bar Board of Governors unanimously endorsed the recommendation of its Special Committee on Cybersecurity and Privacy Law that law firms should adopt written incident response plans (IRPs) to...more
HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more
23andMe’s recent Chapter 11 bankruptcy filing has sparked significant concerns over the privacy and security of genetic data belonging to its 15 million customers. Founded in 2006, 23andMe built its business around...more
On March 21, 2025, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement of HIPAA security rule claims involving Health Fitness Corporation (Health Fitness). Health Fitness...more
An insured who purchased insurance specifically for privacy injury liability was recently forced to sue its insurer after it denied coverage. The insured allegedly “installed web beacons and cookies on its platforms so that...more
Nearly six years to the day that Warby Parker reported a breach affecting nearly 200,000 individuals, the HHS Office for Civil Rights (OCR) imposed a $1.5 million fine on the eyewear giant. Investigated by OCR under the Biden...more
Please visit here to visit our Mintz Matrix page with the latest edition of the Mintz Matrix, which is a 50-state resource we have maintained since 2009 to break down and summarize requirements of U.S. state data breach...more
In late December 2024, the Office of Civil Rights at the U.S. Department of Health and Human Services (“OCR”) issued a notice of proposed rulemaking to modify the Security Standards to the Protection of Electronic Protected...more
Welcome to our second issue of 2025 of Decoded - our technology law insights e-newsletter. For those of you with an interest in the Corporate Transparency Act, Brienne Marco and Joe Unger report that the recent injunction...more
The saga that led Children’s Hospital Colorado to accept a fine of more than $500,000 imposed by the HHS Office for Civil Rights (OCR) began on July 11, 2017, when a physician’s email account containing details on 3,300...more
As the new year begins, it is useful to review your practice’s processes and policies to ensure that the practice operates with efficiency and remains compliant with ever-changing healthcare regulations....more
With the onslaught of new privacy, AI and cyber legislation coupled with promises for enforcement and class action litigation, running a well-functioning and flexible privacy and cyber program is increasingly a critical...more
As the integration of technology in the workplace accelerates, so do the challenges related to privacy, cybersecurity, and the ethical use of artificial intelligence (AI). Human resource professionals and in-house counsel...more
Recent federal enforcement actions have brought home the lesson that there’s really no acceptable reason for denying a patient timely access to medical records. Last year, for example, the HHS Office for Civil Rights (OCR)...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
In December 2024, New York Governor Kathy Hochul signed into law two bills (A8872A and S2376B; collectively, the “Bills”) that amend New York’s Data Breach Notification Law. The Bills introduce a maximum thirty-day timeframe...more
Let’s review for a moment. It’s not a HIPAA violation to be a victim of ransomware. It’s not a HIPAA violation to pay a ransom. It’s up to the covered entity (CE) to determine if a security or privacy incident is a...more
Ethical hackers are becoming crucial allies in the battle against healthcare data breaches and ransomware attacks. In the twelfth episode of Sheppard Mullin’s Health-e Law Podcast, Ilona Cohen, Chief Legal Officer and Chief...more
On July 19, Change Healthcare Ince. filed a breach report with HHS Office for Civil Rights (OCR) concerning its mammoth ransomware attack and breach. The organization’s breach report to OCR identifies just 500 individuals as...more
Pennsylvania-based Geisinger Health System said it experienced a breach impacting more than 1.27 million patients when a former employee of vendor Nuance Communications Inc., a Microsoft Corp. subsidiary, accessed patient...more