Episode 384 -- Third-Party Risks and Sanctions
New FLSA Notice Standard, DOL’s PAID Program, Axed Wage and Hour Penalties - #WorkforceWednesday® - Employment Law This Week®
Compliance into the Weeds: A Deep Dive into Cadence Design Systems’ Export Control Violations
False Claims Act Insights - The Mathematics of Nuclear FCA Verdicts
Episode 379 -- Update on False Claims Act and Customs Evasion Liability
Compliance into the Weeds: Sanctions Compliance Failures: Lessons from Harman International and Interactive Brokers
Daily Compliance News: July 23, 2025 the Pardon in the Wind? Edition
Episode 378 -- Update on Export Controls and Sanctions Enforcement
False Claims Act Insights - Bitter Pills: DOJ Targets Pharmacies for FCA Enforcement
From Permits to Penalties: A Deep Dive Into Coastal Development Law
10 For 10: Top Compliance Stories For the Week Ending June 21, 2025
Daily Compliance News: June 16, 2025, The Golden Share Edition
PODCAST: Williams Mullen's Benefits Companion - Forfeitures Under Fire
GILTI Conscience Podcast | Navigating Brazil's New Transfer Pricing Landscape: A Shift to OECD Standards
Episode 371 -- DOJ's New Corporate Enforcement Program
REFRESH Nonprofit Basics: Federal Tax Filing Deadlines and Penalties
Episode 369 -- Stepping Into the Enforcement Spotlight -- Customs and Border Patrol and Import Enforcement
Insider Transaction Traps for the Unwary
Nonprofit Basics: Federal Tax Filing Deadlines and Penalties
JONES DAY PRESENTS®: Harmonizing Global Protections: The EU Trade Secret Directive
The U.S. Department of Health and Human Services (HHS) on Aug. 27, 2025, published a Statement of Delegation of Authority (Statement) in the Federal Register. HHS Secretary Robert F. Kennedy Jr. delegated authority to the HHS...more
In the first five months of 2025, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced it had entered into ten Health Insurance Portability and Accountability Act (HIPAA) resolution...more
In October, the HHS Office for Civil Rights (OCR) fined Providence Medical Institute (PMI) $240,000, an amount that reflected a 20% discount for having “recognized security practices” (RSPs) in place. But many more covered...more
It’s not immediately obvious why someone would want to disclose a health care test result as part of a job application. But one such request spurred a Pennsylvania entity to provide a lot more than that: it sent her whole...more
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced on December 3 that it imposed a $1.19 million penalty on Gulf Coast Pain Consultants, a pain management practice in Florida, following...more
On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more
On October 31, 2024, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) embraced the end of Spooky Season by announcing two more ransomware-related enforcement actions. ...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
The HIPAA Privacy, Security, and Breach Notification Rules apply to healthcare providers who engage in certain electronic transactions, healthcare clearinghouses, and health plans, including employee group health plans with...more
The long-anticipated final rule addressing substance use disorder (SUD) records at 42 C.F.R. Part 2, commonly referred to as Part 2, is here. The final rule is a joint undertaking by the U.S. Department of Health and Human...more
Report on Patient Privacy Volume 23, no 7 (July 2023) In two public talks this spring, Melanie Fontes Rainer, director of the HHS Office for Civil Rights (OCR), said completing the 2021 proposed regulation extensively...more
The start of 2023 has brought with it significant changes to data privacy – new state laws concerning data privacy came into effect January 1 (the California Privacy Rights Act and the Virginia Consumer Data Protection Act),...more
A strong cybersecurity program can help defend against cyber attacks and protect sensitive patient data. Thanks to a 2021 amendment of the HITECH Act, when a breach occurs, it can also reduce enforcement penalties. The...more
On January 14, the Fifth Circuit vacated the University of Texas M.D. Anderson Cancer Center’s (M.D. Anderson) $4.3 million fine for HIPAA violations arising from its loss of more than 35,000 individuals’ protected health...more
Health care providers should take heed of the $10,000 settlement announced on October 2, 2019 between the U.S. Department of Health and Human Service (HHS) Office for Civil Rights (OCR) and a small dental practice based on...more
This week, the Office for Civil Rights (“OCR”) announced a $3,000,000 HIPAA settlement arising from a medical center’s loss of an unencrypted laptop and flash drive. This is simply the latest of many HIPAA settlements based...more
The Department of Health and Human Services Office for Civil Rights (OCR) today announced that it is lowering the maximum total penalties it may assess against covered entities and business associates for multiple violations...more
To state the obvious, there has been some uncertainty regarding how the Trump Administration will affect federal agency enforcement efforts. However, at least, in regard to HIPAA Privacy and Security, the U.S. Department of...more
Children’s Medical Center of Dallas (Children’s) was hit with a $3.2 million civil penalty from the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) for failing to take steps to properly protect...more
McCarter & English, LLP’s Health Care Group presents Issue 13 of the Health Law Insights, which discusses the latest legal issues in the health care industry. - Failure to Update Business Associate Agreement Results in...more
The HHS Office of Civil Rights (OCR) has granted certain clinical laboratories a temporary reprieve from the requirement to update their Notices of Privacy Practices (NPPs) by September 23, 2013, the deadline imposed by the...more
Shasta Regional Medical Center (Shasta) has agreed to pay $275,000 and enter into a corrective action plan (CAP) with the U.S. Department of Health and Human Services Office for Civil Rights (OCR) to resolve allegations that...more
Changes to the HIPAA Enforcement Rule - Background: On October 30, 2009, HHS issued an interim final rule revising the Enforcement Rule to incorporate provisions of the HITECH Act. The NPRM then proposed a number of...more
The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) published today the final regulations for the HIPAA Privacy, Security, Enforcement and Breach Notification Rules (the Omnibus Rules). The Omnibus...more
As we pore through the 562-page HITECH Omnibus Rule released by the Department of Health and Services late yesterday afternoon, here are some top line bullet points...more