Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Embracing Data Privacy to Drive Business Growth: On Record PR
On Wednesday, July 9, 2025, the United States Department of Justice (“DOJ”) issued more than 20 subpoenas to physicians and clinics (the “Providers”) who provide gender-affirming care to transgender youth. According to the...more
On June 18, 2025, the United States District Court for the Northern District of Texas vacated most of the rules designed to enhance reproductive healthcare privacy promulgated by the U.S. Department of Health and Human...more
The Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act, and the regulations promulgated thereunder (collectively “HIPAA”) is a...more
In this Key Discovery Points video, Brett Burney of Nextpoint and Doug Austin of eDiscovery Today unpack a court’s bold move in the Meta Pixel healthcare case – ordering the production of third-party cookie data tied to...more
Ontario’s Information and Privacy Commissioner (IPC) has released a new Privacy Management Handbook (Handbook) aimed at assisting small healthcare organizations to meet their privacy obligations under Ontario’s health...more
On June 6, 2025, the United States District Court for the Northern District of California dismissed a number of claims being brought against Google related to its alleged improper collection of health-related data though...more
Explained in more detail below, under the recent vacatur of most of the HIPAA Privacy Rule to Support Reproductive Health Care Privacy (the “Reproductive Health Rule”): • The broad prohibitions on disclosing protected...more
Employers' access to, and retention of, employee medical information can be fraught with legal risk. Even the most seasoned HR professionals have trouble navigating the complex rules and regulations governing employee medical...more
Question: It was recently brought to my attention that a patient posted on the internet false and misleading information regarding treatment I provided to her. The posting also contains false and defamatory descriptions of me...more
Last year, the federal Office for Civil Rights (OCR) modified the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule to strengthen protections for reproductive health care information (the “2024 Rule”)....more
The U.S. District Court for the Northern District of Texas on June 18, 2025, issued an order vacating the HIPAA Privacy Rule to Support Reproductive Health Care Privacy, published on April 26, 2024, which amended the Health...more
A single incident that may have started as a personal vendetta or an extortion threat seven years ago has cost a Florida health care system $800,000, and comes on the heels of an unrelated breach suffered by a different...more
Comments on the RFI, due by June 16, present a rare opportunity to shape future technology standards, reporting requirements, and business opportunities....more
On April 17, 2025, the Connecticut Office of the Attorney General (“OAG”) released an Updated Enforcement Report Pursuant to the Connecticut Data Privacy Act (“Report”). The Report, the second issued by OAG (read our...more
Artificial intelligence (AI) is rapidly reshaping the digital health sector, driving advances in patient engagement, diagnostics, and operational efficiency. However, for Privacy Officers, AI’s integration into digital health...more
Join Kelley Drye and the Interactive Advertising Bureau (IAB) for an in-person workshop designed to explore the intersection of health information, adtech, and privacy law, sensitive health information, and advertising...more
HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more
Recently we had a client pose an interesting question about providing accommodations to disabled temporary workers. A temp agency referred a worker to its client, but advised the client that the worker had requested certain...more
Recent changes in federal immigration enforcement practices have prompted renewed attention to how healthcare providers manage requests from law enforcement agencies. While federal policy continues to recognize healthcare...more
On March 15, Kentucky passed HB 473 (the “bill”), which amends the Kentucky Consumer Data Protection Act (the “Act”), whose passage was previously covered by InfoBytes and goes into effect on January 1, 2026. The bill creates...more
An insured who purchased insurance specifically for privacy injury liability was recently forced to sue its insurer after it denied coverage. The insured allegedly “installed web beacons and cookies on its platforms so that...more
A HIPAA compliance assessment is an evaluation of an organization's practices, policies, and procedures to ensure that they align with requirements from the Health Insurance Portability and Accountability Act (“HIPAA”). It...more
The HIPAA Privacy and Security Rules require covered entities (including healthcare providers and health plans) and their business associates to protect patient information stored or transmitted electronically, including...more
Nearly six years to the day that Warby Parker reported a breach affecting nearly 200,000 individuals, the HHS Office for Civil Rights (OCR) imposed a $1.5 million fine on the eyewear giant. Investigated by OCR under the Biden...more