Security, Cyber-Intel, and a Sense of Humor with Nir Rothenberg of Rapyd
Demystifying Wage and Hour Audits: One-on-One with Courtney McFate
The Daunting Task of Export Compliance With Braumiller Law Group
New FLSA Notice Standard, DOL’s PAID Program, Axed Wage and Hour Penalties - #WorkforceWednesday® - Employment Law This Week®
Cuando la marca viaja en turista y sin registro
Compliance Tip of the Day: Trust and Verify
Great Woman in Compliance: Building Strategic and Effective Risk Assessments
Compliance into the Weeds: The Dark Side of AI in Employee Training
Compliance Tip of the Day: AI Assistant for Compliance
Innovation in Compliance: Gaurav Kapoor on Risk Management and the Role of AI in GRC
Daily Compliance News: August 19, 2025, The AI Winter Edition
FCPA Compliance Report: Accountability in Times of Crisis: A Conversation with Tom Fox and Sam Silverstein
AI Today in 5: August 18, 2025, The AI Music Episode
Enhancing Card Partnerships and Compliance: A Conversation With Matthew Goldman — Payments Pros – The Payments Law Podcast
Compliance Tip of the Day: Costs and Benefits of AI
Compliance Tip of the Day: How a CFO Views Compliance and Risk
12 O’Clock High, A Podcast on Business Leadership – Leadership in Cybersecurity and Privacy with Robert Meyers
Data Driven Compliance – James Tillen on the Importance of Cross-Functional Collaboration in Complying with the FTPF Offense
AI Today in 5: August 15, 2025, The AI as Boss Episode
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
In this final blog post in the Bradley series on the HIPAA Security Rule notice of proposed rulemaking (NPRM), we examine how the U.S. Department of Health and Human Services (HHS) Office for Civil Rights interprets the...more
The HIPAA Security Rule may soon undergo a big overhaul that would better defend healthcare data from cybersecurity threats – and require much more from covered entities when it comes to establishing and maintaining defenses....more
On January 6, 2025 the U.S. Department of Health and Human Services published a Proposed Rule (90 FR 898) to strengthen the HIPAA Security Rule and afford greater cybersecurity protections for electronic protected health...more
The HHS Office for Civil Rights (OCR) has abandoned its appeal of a federal judge’s ruling overturning OCR’s guidance prohibiting covered entities (CEs) and business associates (BAs) from using the web-tracking technologies...more
Is your organization a business associate? You could be subject to enforcement action if you fail to protect health information within your control from ransomware attacks. In October, for the first time, the U.S....more
Hear directly from the enforcement community - Want to gain insight into properly monitoring, detecting, investigating, and managing violations? Join us at HCCA’s Annual Healthcare Enforcement Compliance Conference to...more
Looking for compliance education and networking in your area? HCCA’s Regional Healthcare Compliance Conferences offer practitioners convenient, local compliance education, including updates on the latest news in regulatory...more
Hear directly from the enforcement community - Want to gain insight into properly monitoring, detecting, investigating, and managing violations? Join us virtually at HCCA’s Annual Healthcare Enforcement Compliance...more
Healthcare risk doesn’t stop at the facility’s door. Covered entities have countless business associates (BA), each of which poses risks of its own. That, in and of itself, is a challenge, but Gerry Blass, President and CEO...more
As hospital systems become more hardened to cyber-attacks, cyber criminals are focusing their efforts on smaller providers, such as outpatient clinics, specialty clinics and business associates, according to a report by...more
Please join us for our annual healthcare compliance seminar to discuss current developments in healthcare regulation and hospital compliance... Registrants will have the option of selecting the sessions they would like to...more
The Compliance Institute is celebrating 25 years! Join us for the Compliance Institute's 25th anniversary, April 19-22, 2021. This year, HCCA is excited to celebrate over two decades of compliance excellence with our...more
Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more
In a noteworthy development, a sole practitioner gastroenterology practice recently agreed to pay $100,000 to the Office for Civil Rights of the Department of Health and Human Services (OCR) and adopt a two-year corrective...more
The Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) announced that it has entered into a settlement with a business associate that provides electronic medical records services to health...more
In its November newsletter, the Office for Civil Rights (OCR) made a great point that we are seeing in the industry—the risks associated with previous employees. According to its newsletter, entitled “Insider Threats and...more
I have negotiated hundreds of SaaS agreements for dozens of software companies and I always hated when the company on the other side was a healthcare provider. Invariably, they would bring up Protected Health Information...more
HHS OCR issues checklist, iterative guidance in wake of WannaCry and Petya attacks; Anthem breach settlement provides additional lessons. Key Points: ..Healthcare organizations are particularly vulnerable to ransomware...more
In a recent newsletter, the Office for Civil Rights (OCR) encourages health care organizations to review their procedures around authentication and “ensure that they have the appropriate safeguards in place.”...more
Last month, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced the largest settlement to date for alleged violations of the Health Insurance Portability and Accountability Act (HIPAA)....more
Oregon Health & Science University (OHSU) has agreed to settle alleged HIPAA violations involving two separate data breaches with the Office for Civil Rights (OCR) for $2.7 million. In the span of three months in 2013,...more
Despite the fact that Business Associates have been directly subject to and liable under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (HIPAA) since February 18, 2010 the...more