Compliance Tip of the Day: Why Engage in Pre-acquisition Due Diligence
Compliance Tip of the Day: Bringing Predictive Analytics into Your Compliance Regime
Compliance into the Weeds: Sanctions Compliance Failures: Lessons from Harman International and Interactive Brokers
Adventures in Compliance: The Novels – The Hound of the Baskervilles, Introduction and Compliance Lessons Learned
Compliance Tip of the Day: Assessing Internal Controls
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 2 - Risk Assessment
FCPA Compliance Report: Fraud Risk Management - Insights and Experiences with Peter Schablik
#Risk New York Speaker Series – Inside Behavioral Insights: Tom Hardin on Compliance at #RiskNYC
Compliance Tip of the Day: COSO Framework
#Risk New York Speaker Series: Exploring AI Risks in Compliance with Gwen Hassan
Healthcare Enterprise Risk Management
Compliance Tip of the Day: Assessing Internal Controls in International Operations
Managing Sanctions Compliance
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: Superforecasting
On March 25, 2025, U.S. Senators Bill Cassidy, M.S. (R-LA) and Jeff Merkley (D-OR) introduced the No Unreasonable Payments, Coding, or Diagnoses for the Elderly (No UPCODE) Act (the “Bill”)....more
Editor’s Note: PYA and Foley & Lardner hosted the 7th Annual “Let’s Talk Compliance” two-day virtual conference on January 23 and 24, 2025. Panelists included Foley attorneys and PYA subject matter experts. The event was...more
Many healthcare organizations understand the importance of having a Compliance Committee but some struggle to use their committee effectively. The key to ensuring the Compliance Committee is effective is building smart...more
Can you remember healthcare security 20+ years ago? It seems like a different world from now. Believe it or not, the HIPAA Security Rule has barely changed since it was first enacted in 2003 and has been long overdue for a...more
Welcome to the Fall 2024 issue of “FCA Enforcement & Compliance Digest,” our quarterly newsletter in which we compile essential updates on False Claims Act (FCA) enforcement trends, litigation, agency guidance, and compliance...more
The U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”), which enforces HIPAA, recently announced a new enforcement initiative, the Risk Analysis Initiative, in conjunction with OCR’s seventh...more
The cyber breach at Change Healthcare in 2024 stands out as one of the most significant cyber-attacks in recent memory. Its repercussions extend far beyond immediate industry disruptions, resonating deeply in regulatory...more
In recent testimony before the United States House Committee on Energy and Commerce Subcommittee on Oversight and Investigations, Christi A. Grimm, Inspector General of the Department of Health and Human Services (HHS)...more
The U.S. Department of Health and Human Services Office of Inspector General (HHS OIG) released an important new compliance resource in November 2023. The HHS OIG’s new General Compliance Program Guidance (GCPG) is intended...more
Within the specific element discussions in HHS-OIG’s Guidance, are important operational details and strategies for an effective compliance program. GCPG provides important suggestions and innovations for consideration by...more
The Department of Health and Human Services’ Office of Inspector General (OIG) published a General Compliance Program Guidance (GCPG) on November 6, 2023, marking the first update to OIG’s compliance program guidance...more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
Five Years After ‘a Singular Human Error,’ Two Breach Notices, Revenue Firm Settles With OCR - As far as settlements for alleged HIPAA violations go, a recent agreement announced by the HHS Office for Civil Rights (OCR)...more
Session #1: State of the Healthcare Industry Effective Compliance Plans and Enforcement Trends - In their discussion of compliance program effectiveness and enforcement, attorneys Kolarik and Waltz and Ms. Sumner...more
The following is a summary of the federal Health and Human Services agency’s Office of Inspector General (OIG) reports of fraud and abuse enforcement activity across the country. The enforcement actions reported are based...more
There are myriad opportunities for hospitals and health systems (HHSs) to engage in data-focused collaborations with other stakeholders in the healthcare industry. These collaborations include, to an increasing extent,...more
There is no such thing as compliance with the NIST Cybersecurity Framework (FTC). In September, the FTC dispelled a commonly held misconception regarding the NIST Framework: It “is not, and isn’t intended to be, a standard or...more
Healthcare organizations – ranging from physician practice groups to large, multi-state hospital systems – face a variety of risks, including fraud and abuse, as well as HIPAA privacy issues. Starting from a baseline risk...more
The Equal Employment Opportunity Commission (EEOC) has issued a proposed rule amending prior regulations under the Genetic Information Nondiscrimination Act of 2008 (GINA) to address incentives in workplace wellness programs....more
Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called “Phase 2 Audits” are set to commence...more
Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more
The 2015 HIPAA Security conference held by the National Institute of Standards and Technology (“NIST”) and the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) kicked off last week with OCR’s...more
On April 20, 2015, the Office of Inspector General (OIG) of the U.S. Department of Health and Human Services (HHS) published its “Practical Guidance for Health Care Governing Boards on Compliance Oversight” (the Guidance).1...more
In collaboration with the HHS Office for Civil Rights, the Office of the National Coordinator for Health Information Technology released a new tool designed to help practices conduct and document a comprehensive assessment to...more
HIPAA security risk assessment (SRA) tool was recently made available through HHS. The tool was developed as a collaborative effort between the HHS Office of the National Coordinator for Health Information Technology (ONC),...more