No Password Required: From Heavy Metal to the Front Lines of Cyber Innovation
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Herb Stapleton's FBI Experience Proves to be Asset to Dinsmore's Corporate Team
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
2023 DSIR Report Deeper Dive into the Data
Cybersecurity: What Healthcare Providers Need to Know
2022 DSIR Deeper Dive: NFTs
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
Hot Topics: Risk Management for Cybersecurity
2022 DSIR Report Deeper Dive: The Expanding Landscape of State Data Privacy Laws
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
2022 DSIR Report Deeper Dive: Personal Data Deletion
Panel Pursuit: The Ins and Outs of Becoming a Preferred Panel Vendor - Unauthorized Access Podcast
In today’s healthcare environment, compliance is a defining element of patient care quality, operational integrity, and public trust. Oversight from agencies such as the Office for Civil Rights (OCR), the Centers for Medicare...more
Significant data breaches have affected major players in the healthcare industry in the last year, with the methods of attack being as diverse as the affected entities themselves. Originally published in Law360 - June 4,...more
As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It...more
On October 2, the New York State Department of Health (NYSDOH) issued new cybersecurity regulations (Regulations) for all general hospitals in New York state (“hospitals”), creating a new Section 405.46 in Title 10 (Health)...more
During the first half of this webinar, Jen Mitchell, Bryan Murray and Laura Fryan, will focus on practical tips and pointers on avoiding a HIPAA breach and what lessons you can take away from the Change Healthcare breach. ...more
On May 30, 2024, the Federal Trade Commission (FTC or the Commission) published finalized amendments to the Health Breach Notification Rule (HBNR) that augment the prior rule’s scope and application. The updated final rule...more
On November 13, 2023, Governor Kathy Hochul announced plans to regulate cybersecurity for New York general hospitals regulated under Article 28 of the Public Health Law. As proposed, the regulations will provide an additional...more
Data breaches come in many different forms, sizes, and levels of complexity, but they tend to share certain key facts: A third-party bad actor—whether through a phishing attack, a ransomware attack, exploitation of a zero-day...more
We have been quite busy this October, which happens to be National Cybersecurity Awareness Month. But, we did not want to let the month go by without some recognition; and we are grateful to the HHS Office for Civil Rights...more
Report on Patient Privacy 22, no. 3 (March, 2022) - Typically a “legacy” describes the lasting impact of an influential person or movement, most often in a positive sense. Not so with medical devices. When legacy is applied...more
Desiree Moore, Gina Bertolini, and Jackie Hoffman discuss the increasing impact of data security incidents and security breaches on the health care sector. They define what qualifies under HIPAA as a protected health...more
The Department of Justice recently announced the launch of its new Civil Cyber-Fraud Initiative (the “Initiative”) which intends to use the False Claims Act to pursue “cybersecurity-related fraud by government contractors and...more
In the fast-moving industry of cyber incident response, success and efficiency come from preparation. Once a matter is promoted to review, the most common request for timing is “as soon as possible.” How is a client’s desire...more
An amendment to the Health Information Technology for Economic and Clinical Health (HITECH) Act was signed into law on Jan. 5, 2021, directing U.S. Health and Human Services (HHS) to consider "recognized security practices"...more
The outbreak of the 2019 Novel Coronavirus (2019-nCoV) has created a number of questions and compliance challenges for employers in the United States as well as across the globe. This is a fluid and rapidly changing...more
Missouri’s Cass Regional Medical Center (CRMC) was recently hit with a ransomware attack. Existing patients continued to receive care, but incoming trauma and stroke patients were diverted to other facilities. The hospital...more
Companies that have a breach involving PHI worry not only about fines and penalties imposed by HHS, but about class action lawsuits. The risk that a class action lawsuit will lead to financial liability, however, is often...more
Imagine for a moment that your hospital or physician practice suddenly cannot access its electronic medical records. There hasn’t been a natural disaster. No, instead you are inexplicably staring at a computer screen from an...more
In September 2015, a U.S. Department of Health and Human Services (HHS), Office of the Inspector General (OIG), report found that the Office of Civil Rights (OCR), the agency charged with ensuring compliance with the Health...more