The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
On April 26, the Federal Trade Commission announced its final rule updating the health breach notification rule. According to the FTC, the update seeks to “clarify” the scope of the rule by adding new definitions and revising...more
On April 26, 2024, the Federal Trade Commission (“FTC”) announced it had finalized changes to modernize the Health Breach Notification Rule (the “HBNR”) by clarifying its applicability to health and wellness apps and other...more
The FTC has updated its HBNR to clarify that the rule also restricts marketing practices involving personal health information. This update to the HBNR was announced on April 26, 2024, and follows several recent enforcement...more
On February 8, 2024, the Department of Health and Human Services (HHS) posted a final rule that aims to align 42 CFR Part 2 (Part 2) — which protects certain substance abuse disorder (SUD) records — with the Health Insurance...more
As more and more states consider consumer privacy laws, the first-of-its kind My Health My Data Act (the Act) could be a harbinger of health and wellness compliance requirements to come. The ramifications of Washington...more
On February 12, 2024, the U.S. Department of Health and Human Services (“HHS”) published a notice in the Federal Register regarding reinstatement of the Health Information Portability and Accountability Act of 1996 (“HIPAA”)...more
On January 1, California's Assembly Bill No. 352 (AB 352) went into effect, introducing significant changes to the handling and sharing of sensitive health information — particularly information related to reproductive health...more
New York has released proposed cybersecurity regulations for hospitals. The regulations, which were published in The State Register on Dec. 6 and will undergo a 60-day public comment period ending on Feb. 5, are designed to...more
New York Governor, Kathy Hochul, recently announced proposed cybersecurity rules for New York hospitals, which are due to be imminently published in the State Register on December 6, 2023, subject to approval by the Public...more
On November 13, 2023, Governor Kathy Hochul released proposed cybersecurity regulations applicable to all hospitals located within the state of New York. The Governor has included $500 million in grant funding in her FY24...more
This is Part Twelve, the final installment of our series of legal updates on the Washington My Health My Data Act (“WMHMDA”). We are thrilled that you came along as we dove into the intricacies of WMHMDA that are creating...more
Appropriately so, providers look first to the Health Insurance Portability and Accountability Act of 1996, as amended (HIPAA), to ensure that they comply with regulations regarding patients’ protected health information...more
Companies in all industries and of all sizes are evaluating sophisticated and useful technology for their websites and applica- tions (their “apps”) in an effort to enhance and develop their image or brand and to support...more
This is Part Eleven in a series of legal updates on the Washington My Health My Data (“WMHMDA”), where Quarles continues its deep dive into the various factors and intricacies of WMHMDA that are creating waves in the privacy...more
In an age where digital connectivity is rapidly advancing, cybersecurity has become an inescapable concern for organizations across industries. With cyber threats ranging from data breaches to ransomware attacks, it is...more
On May 18, 2023 the Federal Trade Commission (FTC) released a Notice for Proposed Rule Making (NPRM) for updates to the Health Breach Notification Rule, 16 C.F.R. Part 318 (the Rule). The Rule serves to ensure entities that...more
Recent developments at the federal and state level demonstrate that regulators are focused on protecting consumer health data. Specifically, state and federal regulators want to close the gap between HIPAA-protected data and...more
The European Medicines Agency (EMA) published Version 1.1 of its “Guidance on how to approach the safeguarding of personal protected data (“PPD”) and commercially confidential information (“CCI”) while using the Clinical...more
The 21st Century digital age has provided women with numerous sexual and reproductive health tools that track periods, ovulation, and pregnancy. By simply plugging certain health data inputs into these apps, women can now...more
The Federal Trade Commission (FTC) recently proposed changes to the Health Breach Notification Rule (Rule), enacted in 2009, to clarify that the Rule applies directly to an estimated 170,000 health and wellness mobile...more
On May 8, 2023, Governor DeSantis signed Bill CS/CS/SB 264 amending the Florida Electronic Health Records Exchange Act. Effective July 1, 2023, this new law will require that the offsite storage of certain personal medical...more
On May 17, 2023, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement with MedEvolve, Inc. for $350,000. MedEvolve provides practice and revenue cycle management and practice...more
Five former Memphis-based hospital employees and another man have pled guilty to unlawfully disclosing patient information in violation of HIPAA, U.S. Attorney for the Western District of Tennessee Kevin Ritz announced....more
To say there’s been a lot of new privacy law in the last decade is an understatement. For those of us who think we’ve “seen it all,” many of these new laws arrive and elicit a sense of challenge (for the optimists) or mild...more
Introduction: Tracking Software in the Healthcare Industry - Privacy-related concerns have become increasingly prominent in recent years, especially with the widespread use of third-party tracking tools such as tracking...more