The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
Friendly reminder – the Washington My Health My Data Act (“WMHMDA”) compliance deadline for regulated entities to post their consumer health data privacy policy is March 31, 2024 (June 30, 2024 for small businesses). A...more
As more and more states consider consumer privacy laws, the first-of-its kind My Health My Data Act (the Act) could be a harbinger of health and wellness compliance requirements to come. The ramifications of Washington...more
On February 12, 2024, the U.S. Department of Health and Human Services (“HHS”) published a notice in the Federal Register regarding reinstatement of the Health Information Portability and Accountability Act of 1996 (“HIPAA”)...more
The Vermont Legislature is considering its version (S.173) of Washington’s My Health My Data Act to regulate non-HIPAA health data. If enacted, the Vermont law would take effect on January 1, 2025. The bill is premised on a...more
New York Governor, Kathy Hochul, recently announced proposed cybersecurity rules for New York hospitals, which are due to be imminently published in the State Register on December 6, 2023, subject to approval by the Public...more
On November 13, 2023, Governor Kathy Hochul released proposed cybersecurity regulations applicable to all hospitals located within the state of New York. The Governor has included $500 million in grant funding in her FY24...more
On October 18, 2023, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”), which is tasked with enforcing the Health Insurance Portability and Accountability Act (“HIPAA”), issued two new...more
Adding to the growing trend of policymakers interested in regulating health and wellness data, last week U.S. Senator Bill Cassidy requested stakeholder feedback to help identify solutions to modernize HIPAA and ensure all...more
The number of data breaches affecting health care providers declined in the second half of 2022, consistent with a downward trend over the past two years, according to a report from cybersecurity firm Critical Insight. Total...more
On August 15, 2023, the Joint Commission issued a Sentinel Event Alert entitled “Preserving patient safety after a cyberattack,” which provides “tips on what organizations can do to prepare to deliver safe patient care in the...more
This is Part Twelve, the final installment of our series of legal updates on the Washington My Health My Data Act (“WMHMDA”). We are thrilled that you came along as we dove into the intricacies of WMHMDA that are creating...more
This is Part Eleven in a series of legal updates on the Washington My Health My Data (“WMHMDA”), where Quarles continues its deep dive into the various factors and intricacies of WMHMDA that are creating waves in the privacy...more
In an age where digital connectivity is rapidly advancing, cybersecurity has become an inescapable concern for organizations across industries. With cyber threats ranging from data breaches to ransomware attacks, it is...more
The 21st Century digital age has provided women with numerous sexual and reproductive health tools that track periods, ovulation, and pregnancy. By simply plugging certain health data inputs into these apps, women can now...more
On May 8, 2023, Governor DeSantis signed Bill CS/CS/SB 264 amending the Florida Electronic Health Records Exchange Act. Effective July 1, 2023, this new law will require that the offsite storage of certain personal medical...more
On April 27th, Washington State’s governor signed the Washington State My Health My Data Act—a law the legislature nominally designed to increase healthcare privacy. But it does more than that. The law uses sweeping...more
Five former Memphis-based hospital employees and another man have pled guilty to unlawfully disclosing patient information in violation of HIPAA, U.S. Attorney for the Western District of Tennessee Kevin Ritz announced....more
The Department of Health and Human Services ("HHS") has proposed amendments to the Confidentiality of Substance Use Disorder Patient Records Rule, 42 C.F.R. part 2 (the "Part 2 Rule") with a comment deadline of January 31....more
On July 11, 2022, the Federal Trade Commission (FTC) published “Location, health, and other sensitive information: FTC committed to fully enforcing the law against illegal use and sharing of highly sensitive data,” on its...more
March was a busy month for data privacy and security, especially as it relates to health care entities. To help keep you up to date with the changes, we’ve included a few highlights for you below... ...more
There are myriad opportunities for hospitals and health systems (HHSs) to engage in data-focused collaborations with other stakeholders in the healthcare industry. These collaborations include, to an increasing extent,...more
As the East Coast prepares for the arrival of Hurricane Matthew, covered entities and business associates should take the opportunity to remind their workforce members to safeguard protected health information (PHI) that is...more
Everyone in healthcare knows that the next round of HIPAA audits is coming. Covered entities and business associates have long been advised to review and update their HIPAA security risk analyses, have business associate...more
The Chinese market presents a tremendous opportunity for U.S. hospitals and providers, as long as the intricacies of data privacy and security issues are thoroughly understood. This includes Chinese regulations regarding...more
The delivery of health care – and payment for that care – is a complex endeavor, and health care providers and health plans rely on third parties to help them operate as businesses and fulfill their responsibilities to...more