12 O’Clock High, A Podcast on Business Leadership – Leadership in Cybersecurity and Privacy with Robert Meyers
The Road to Regulation: Vehicle Service Contracts Explained — Moving the Metal: The Auto Finance Podcast
Beyond the Bylaws: The Medical Staff Show - Need to Know: How to Manage Medical Staff Confidentiality and Privilege Protections
The Privacy Insider Podcast Episode 16: Protecting Privacy at Every Walk of Life with France Bélanger and Donna Wertalik of Virginia Tech
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
La Commissaire à l’information et à la protection de la vie privée de l’Ontario (la « CIPVP ») a publié un nouveau guide de gestion de la protection de la vie privée (le « Guide ») ayant pour but d’aider les petits organismes...more
The American Medical Association (AMA) House of Delegates has unanimously adopted Resolution 503, “Safeguarding Neural Data Collected by Neurotechnologies.” This new policy cements the AMA’s support for comprehensive...more
Ontario’s Information and Privacy Commissioner (IPC) has released a new Privacy Management Handbook (Handbook) aimed at assisting small healthcare organizations to meet their privacy obligations under Ontario’s health...more
Health Policy Fireside Chat: What to Expect from the New Administration - Bill Mathias, Member at Bass, Berry & Sims, engaged in a fireside chat with Colin Roskey, Principal at FHP Strategies, former Deputy Assistant...more
March 26, 2025, marked a pivotal moment in the EU with the European Health Data Space Regulation, (EU) 2025/327 (“EHDS Regulation”), coming into force. The EHDS represents a transformative initiative by the European Union...more
Nearly six years to the day that Warby Parker reported a breach affecting nearly 200,000 individuals, the HHS Office for Civil Rights (OCR) imposed a $1.5 million fine on the eyewear giant. Investigated by OCR under the Biden...more
New York State appears poised to become the fourth state to explicitly regulate consumer health data not covered by the federal Health Insurance Portability and Accountability Act (HIPAA)....more
On January 13, 2025, California Attorney General (AG) Rob Bonta issued two legal advisories: one for businesses generally (General Advisory) and one specific to healthcare entities (Health Advisory). These advisories identify...more
On January 21 2025, the Council of the European Union (Council) announced its decision to adopt the Regulation of the European Parliament and of the Council on the European Health Data Space (EHDS). As we have previously...more
It is by now common knowledge that on Inauguration Day, January 20, 2025, President Trump signed numerous executive orders geared toward the implementation of his immigration policy objectives, setting the stage for what he...more
On January 22, 2025, the New York Assembly passed Senate Bill S929, titled the New York Health Information Privacy Act (New York HIPA). The act is now on its way to Governor Kathy Hochul for her signature. If signed into...more
In a major development for all businesses handling health data, New York lawmakers passed a sweeping health data privacy bill Wednesday that could have far-ranging consequences across the country. S929, also known as the New...more
Readers of this blog may recall a recent favorable decision handed down by Massachusetts State’s highest court in which it found that Massachusetts Wiretap Act claims (“MWA”) do not extend to consumer interactions with...more
In December 2024, the Assistant Secretary for Technology Policy/Office of the National Coordinator for Health Information Technology (“ASTP/ONC”) within the U.S. Department of Health and Human Services (“HHS”) published two...more
Let’s review for a moment. It’s not a HIPAA violation to be a victim of ransomware. It’s not a HIPAA violation to pay a ransom. It’s up to the covered entity (CE) to determine if a security or privacy incident is a...more
The HHS Office for Civil Rights (OCR) has abandoned its appeal of a federal judge’s ruling overturning OCR’s guidance prohibiting covered entities (CEs) and business associates (BAs) from using the web-tracking technologies...more
Unleashed on June 27, 2017, NotPetya caused an estimated $10 billion in damages globally, among the costliest ransomware attacks in history. In 2018, the Trump administration—in tandem with the British government—blamed...more
Welcome to our inaugural issue of The Health Record - our healthcare law insights e-newsletter! As such, we wanted to pull together our insights and pass them along to you. Our goal is to create a publication that is...more
United Healthcare Group (UHG) CEO Andrew Witty was in a board meeting on Feb. 21 when officials interrupted with the news that Change Healthcare—a clearinghouse UHG subsidiary Optum had purchased for $1.3 billion in October...more
Organizations typically deal with ransomware attacks out of the public eye, but the massive scale of United Healthcare Group’s (UHG) February breach made that an impossibility. UHG CEO Andrew Witty was recently on the hot...more
Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more
The HHS Office for Civil Rights (OCR) and other government agencies aren’t just worried that providers understand—and mitigate—the privacy and security risks of telehealth. In fact, in 2022, the Government Accountability...more
Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more
Report on Patient Privacy 23, no. 10 (October, 2023) By 2016, it should have been clear to HIPAA covered entities that a security risk analysis—and corresponding risk management plan—were compliance basics. Yet, a new...more
Learning Objectives: - Overview of current US privacy/cybersecurity laws and regulation - Current cyber threats: overview of recent trends in cyberattacks and risk areas for healthcare providers - Incident Response: how...more