The State of Healthcare Enforcement
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 247: Reimagining Cell Therapy for Solid Tumors with Ming-Wei Chen and Fangheng Zhou of RephImmune
What’s in Your Operating Agreement? Legal Tips for Healthcare Providers
10 For 10: Top Compliance Stories For the Week Ending, July 26, 2025
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
Work this Way: An Employment Law Video Podcast | Episode 50: Creating a Competitive Advantage Through Employee Benefits with Connor Shaw of Gallagher
False Claims Act Insights - Will Recent Leadership Changes Lead to FCA Enforcement Policy Changes?
Podcast: Addressing Patient Complaints About Privacy Violations
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 236: Advocating for Accessible Diagnoses with Sydney Severance of Operation Upright
Podcast - Navigating the New Landscape of Private Equity in Healthcare
Taking the Pulse: A Health Care and Life Sciences Video Podcast | Episode 235: Revolutionizing Cancer Care with Eric Perrault of Kiyatec
Evolving AI Legislation: Federal Policies, Task Forces, and Proposed Laws — The Good Bot Podcast
CareYaya: A Revolutionary Approach to Elder Care
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 234: Life-Saving Collaboration in the Life Sciences Industry with John Crowley, President & CEO of BIO
False Claims Act Insights - Trump DOJ Sharpens Its Focus on Healthcare Fraud
Federal Court Strikes Down FDA Rule on LDTs - Thought Leaders in Health Law®
Breaking Down the Shifting Vaccine Policy Landscape – Diagnosing Health Care Video Podcast
Criminal Health Care Fraud Enforcement: Projections for 2025 and Beyond – Diagnosing Health Care Video Podcast
Healthcare Industry Segment-Specific Compliance Program Guidances (ICPGs)
DOJ Addresses AI in Corporate Compliance Programs — The Good Bot Podcast
At the very top of Fisher-Titus Medical Center’s website is a link to the Change Healthcare HIPAA notice informing visitors of the last day to register for credit monitoring related to the world’s largest breach, which...more
Welcome to our seventh issue of 2025 of Decoded - our technology law insights e-newsletter. What does the US GENIUS Act Mean for Stablecoins? “The White House categorically states it is a historic piece of legislation that...more
Welcome to our fourth issue of 2025 of Decoded - our technology law insights e-newsletter. We hope you enjoy this issue and thank you for reading. Sector by Sector: How Data Breaches are Wrecking Bottom Lines - “Data...more
Concerns about claims of legal professional privilege over third-party investigation reports produced in the course of responding to cyberattacks, and the extent to which such reports can be shielded from disclosure in legal...more
On February 14, 2025, New York’s Governor Hochul signed into law A.B. 920, which amended the state’s Information Security Breach and Notification Act to add personal health information to the types of data that constitute...more
In December 2024, New York Governor Kathy Hochul signed into law two bills (A8872A and S2376B; collectively, the “Bills”) that amend New York’s Data Breach Notification Law. The Bills introduce a maximum thirty-day timeframe...more
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
23andMe agreed to pay $30 million and provide three years of security monitoring to settle a lawsuit accusing the genetics testing company of failing to protect the privacy of 6.9 million customers whose personal information...more
The cyber breach at Change Healthcare in 2024 stands out as one of the most significant cyber-attacks in recent memory. Its repercussions extend far beyond immediate industry disruptions, resonating deeply in regulatory...more
As healthcare technology continues to evolve, so does the need for robust compliance strategies to safeguard patient information and ensure the integrity of medical devices. In a joint September 19, 2024 presentation, the...more
Pennsylvania-based Geisinger Health System said it experienced a breach impacting more than 1.27 million patients when a former employee of vendor Nuance Communications Inc., a Microsoft Corp. subsidiary, accessed patient...more
The Federal Trade Commission (“FTC”) recently published its Final Rule amending the Health Breach Notification Rule (“HBNR”). The updated HBNR, which regulates entities that handle certain personal health information, other...more
The Federal Trade Commission (FTC) issued a final rule to amend its Health Breach Notification Rule (HBN Rule). The HBN Rule requires certain entities that handle unsecured personally identifiable health data to notify...more
The healthcare industry remains a popular target for ransomware attacks. If you haven’t been impacted by a ransomware attack, it’s likely only a matter of time before someone you do business with or buy services from is...more
On April 26, the Federal Trade Commission (FTC) approved its Final Rule revising the Health Breach Notification Rule (HBNR) (“Final Rule”) by a 3-2 vote. The HBNR requires vendors of personal health records (PHR) and related...more
As our loyal Practical Privacy readers may remember, back in December of 2021, the Federal Trade Commission (the “FTC” or “Commission”) began a rulemaking process to update the Commission’s Health Breach Notification Rule...more
United Healthcare Group (UHG) CEO Andrew Witty was in a board meeting on Feb. 21 when officials interrupted with the news that Change Healthcare—a clearinghouse UHG subsidiary Optum had purchased for $1.3 billion in October...more
Organizations typically deal with ransomware attacks out of the public eye, but the massive scale of United Healthcare Group’s (UHG) February breach made that an impossibility. UHG CEO Andrew Witty was recently on the hot...more
Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more
On April 26, 2024, the Federal Trade Commission (“FTC”) announced it had finalized changes to modernize the Health Breach Notification Rule (the “HBNR”) by clarifying its applicability to health and wellness apps and other...more
On April 25, 2024, the attorneys general of 22 states issued a letter encouraging UnitedHealth Group and its subsidiary, Change Healthcare, to take additional steps to respond to a massively disruptive cyberattack. The broad,...more
Cyberhackers—potentially frustrated by their limited ability to extort ransom from health care entities in attacks—have started extorting the patients themselves, threatening them with the release of information or...more
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (“CISA”) released proposed regulations requiring expansive new cybersecurity incident and ransomware payment reporting across sixteen “critical...more
Why does it matter to you? In February of 2024, Change Healthcare, a prominent player in the healthcare industry, fell victim to a ransomware attack that sent shockwaves through its systems and networks. The incident...more
As the health care industry continues reeling from the recent Change Healthcare ransomware attack that crippled large portions of the U.S. health care system, health care providers are naturally reminded of the importance of...more