New FLSA Notice Standard, DOL’s PAID Program, Axed Wage and Hour Penalties - #WorkforceWednesday® - Employment Law This Week®
Cuando la marca viaja en turista y sin registro
Compliance Tip of the Day: Trust and Verify
Great Woman in Compliance: Building Strategic and Effective Risk Assessments
Compliance into the Weeds: The Dark Side of AI in Employee Training
Compliance Tip of the Day: AI Assistant for Compliance
Innovation in Compliance: Gaurav Kapoor on Risk Management and the Role of AI in GRC
Daily Compliance News: August 19, 2025, The AI Winter Edition
FCPA Compliance Report: Accountability in Times of Crisis: A Conversation with Tom Fox and Sam Silverstein
AI Today in 5: August 18, 2025, The AI Music Episode
Enhancing Card Partnerships and Compliance: A Conversation With Matthew Goldman — Payments Pros – The Payments Law Podcast
Compliance Tip of the Day: Costs and Benefits of AI
Compliance Tip of the Day: How a CFO Views Compliance and Risk
12 O’Clock High, A Podcast on Business Leadership – Leadership in Cybersecurity and Privacy with Robert Meyers
Data Driven Compliance – James Tillen on the Importance of Cross-Functional Collaboration in Complying with the FTPF Offense
AI Today in 5: August 15, 2025, The AI as Boss Episode
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
What to Do When Leadership Doesn’t Take Compliance Seriously
Daily Compliance News: August 14, 2025 The End of Dial Up Edition
Nonprofit Basics: Grant Agreements—Matching Grants, IP, Recoverable Grants & More
On August 18, 2025, the Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement with BST & Co. CPAs, LLP (BST). The announcement continues OCR’s escalating enforcement of the HIPAA...more
In the first five months of 2025, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced it had entered into ten Health Insurance Portability and Accountability Act (HIPAA) resolution...more
On March 21, 2025, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement of HIPAA security rule claims involving Health Fitness Corporation (Health Fitness). Health Fitness...more
On Friday, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced the fifth enforcement action under its Risk Analysis Initiative. In this case, OCR reached a settlement with Health...more
As we noted in our previous blog here, on January 6, 2025, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) published a Notice of Proposed Rulemaking (NPRM) proposing substantial revisions...more
On December 27, 2024, the U.S. Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), announced a Notice of Proposed Rulemaking (NPRM) to amend the Security Standards for the Protection of...more
On January 6, the Department of Health and Human Services Office for Civil Rights (OCR) published a notice of proposed rulemaking (Proposed Rule) that would strengthen the requirements of the security rule promulgated...more
On December 27, 2024, the U.S. Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), issued proposed changes to the Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more
Just two weeks into the year, 2025 is already shaping up to be a busy year for privacy lawyers, especially those tasked with helping covered entities and business associates comply with the HIPAA Security Rule. As we...more
On January 6, 2025 the U.S. Department of Health and Human Services published a Proposed Rule (90 FR 898) to strengthen the HIPAA Security Rule and afford greater cybersecurity protections for electronic protected health...more
On October 23-24, 2024, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) Information Technology Laboratory hosted the Safeguarding...more
The HHS Office for Civil Rights (OCR) has abandoned its appeal of a federal judge’s ruling overturning OCR’s guidance prohibiting covered entities (CEs) and business associates (BAs) from using the web-tracking technologies...more
Is your organization a business associate? You could be subject to enforcement action if you fail to protect health information within your control from ransomware attacks. In October, for the first time, the U.S....more
The Compliance Institute is celebrating 25 years! Join us for the Compliance Institute's 25th anniversary, April 19-22, 2021. This year, HCCA is excited to celebrate over two decades of compliance excellence with our...more
Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more
In a noteworthy development, a sole practitioner gastroenterology practice recently agreed to pay $100,000 to the Office for Civil Rights of the Department of Health and Human Services (OCR) and adopt a two-year corrective...more
The Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) announced that it has entered into a settlement with a business associate that provides electronic medical records services to health...more
In the top three of the list of highly sensitive personal data to be concerned about is our medical information. It’s so sensitive because it is so personal. It used to be that our medical information was located in paper...more
In its November newsletter, the Office for Civil Rights (OCR) made a great point that we are seeing in the industry—the risks associated with previous employees. According to its newsletter, entitled “Insider Threats and...more
HHS OCR issues checklist, iterative guidance in wake of WannaCry and Petya attacks; Anthem breach settlement provides additional lessons. Key Points: ..Healthcare organizations are particularly vulnerable to ransomware...more
In a recent newsletter, the Office for Civil Rights (OCR) encourages health care organizations to review their procedures around authentication and “ensure that they have the appropriate safeguards in place.”...more
On October 7, 2016, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”), released a guidance document (the “Guidance”) on the HIPAA-compliant use of cloud computing technologies. The...more
Last month, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced the largest settlement to date for alleged violations of the Health Insurance Portability and Accountability Act (HIPAA)....more
Phase 2 of the HIPAA audits is fully underway, and covered entities now can take a breath if they have not received a desk audit request. But we still are at the beginning of Phase 2, with more to come. ...more
On August 4, 2016, the Office for Civil Rights (“OCR”) of the U.S. Health & Human Services Department (“HHS”) announced a $5.55 million HIPAA settlement with Advocate Health Care Network (“Advocate”), the largest...more