Investigations and Cognitive Interviews
Implications of the SEC Cybersecurity Disclosure Rule
Healthcare Document Retention
Vicky Hanks of Blake Morgan on Building an Effective Employee Brand - Passle's CMO Series Podcast
Behavioral Health Compliance
Conducting Healthcare Compliance Investigations
Navigating the Storm: Crisis Management in the Workplace — Hiring to Firing Podcast
Episode 299 -- Bobby Butler on the Compliance Profession and the Future of Compliance
Compliance Auditing & Monitoring
Web-based Tracking Technology and AI: HIPAA Compliance Issues for Health Care Practices
PODCAST: Williams Mullen's Benefits Companion - SECURE 2.0 Act Relief for Plan Corrections
What Physicians Need to Understand About Balance Billing
What Nonprofit Board Leadership Needs To Know About Internal Investigations
Compliance with the New EU-US Data Privacy Framework
Compliant Business Communications Through Messaging Apps
Interactive Compliance Policies
GILTI Conscience Podcast | Tax Insurance 101
Consumer Finance Monitor Podcast Episode: A Look at the Treasury Department’s April 2023 Report on Decentralized Finance or “DeFi”
Personal Devices and Messaging: Evolving Compliance Concerns and Best Practices
#WorkforceWednesday: What the End of the COVID-19 Public Health Emergency Means for Employers - Employment Law This Week®
Document retention is one of those persistent issues that comes with a great deal of complexity. As Michael Kearney, Head Solution Architect, Redgrave Data explains in this podcast, organizations have to deal with a dizzying...more
On June 25, 2024, the governor of Rhode Island transmitted without signature a comprehensive privacy bill, the Rhode Island Data Transparency and Privacy Protection Act (DTPPA), back to the state legislature, which is still...more
Healthcare data breaches are occurring more frequently and on larger scales than ever before – and while you defend against cyberattacks and other external threats, make sure you do not overlook the critical role your...more
MIT Report Details New Cybersecurity Risks - “Cloud misconfigurations, more sophisticated ransomware, and vendor exploitation attacks are contributing to rising cyberattacks.” Why this is important: Worldwide spending...more
Friendly reminder – the Washington My Health My Data Act (“WMHMDA”) compliance deadline for regulated entities to post their consumer health data privacy policy is March 31, 2024 (June 30, 2024 for small businesses). A...more
In recognition of International Privacy Day on January 28, we wanted to share some insights on the top privacy and cybersecurity issues for the new year. Data privacy and cybersecurity will continue to be one of the most...more
Seyfarth Synopsis: The health care sector faces escalating cybersecurity risks given its size, technological dependence and the sensitive nature of data used therein. According to the U.S. Department of Health and Human...more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
A recent settlement entered into by the nation’s largest publicly operated health plan serves as a stark warning to all entities and business associates subject to the Health Insurance Portability and Accountability Act:...more
In some respects, assuring compliance with HIPAA has always been a challenge because many health care providers, particularly physicians, pride themselves on maintaining patient confidentiality—even when they aren’t. Nurses,...more
Hybrid work is likely here to say, and, as Sheila Limmroth, privacy specialist at DCH Health System, and the author of the chapter Hybrid Work Environment in the Complete Healthcare Compliance Manual observes in this...more
Started in Europe in 2007, Data Privacy Day, or Data Protection Day as it is known internationally, is an international effort that takes place annually on January 28 to create awareness of the importance of data privacy. In...more
One of the challenging things about HIPAA (Health Insurance Portability and Accountability Act) enforcement is the fact that both the Office for Civil Rights and State AGs have jurisdiction to assess fines and penalties for...more
Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more
West Georgia Ambulance, Inc. (West Georgia) and the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Service (HHS) entered into a $65,000 no-fault settlement agreement and two year corrective action...more
The University of Rochester Medical Center (URMC) and the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Service (HHS) entered into a $3 million no-fault settlement agreement and two year corrective...more
Purpose and Practicality - The HIPAA Security Rule was designed to protect the confidentiality, integrity, and availability of a patient’s protected health information (PHI) while allowing flexibility for each covered...more
We previously reported that Cottage Health, a health care entity operating several hospitals in California, settled with the State of California for $2 million for a security incident that occurred in 2013. On February 7,...more
When the European Union’s General Data Protection Regulation (GDPR) became effective on May 25, 2018, many US-based hospitals struggled to determine whether they were subject to the GDPR and, if so, what they must do to...more
Effective November 2, 2018, companies that suffer a breach may have certain defenses in Ohio if they have a written cybersecurity program in place. Under this new law, companies can use as an affirmative defense the existence...more
Everyone in healthcare knows that the next round of HIPAA audits is coming. Covered entities and business associates have long been advised to review and update their HIPAA security risk analyses, have business associate...more
With no Congressional consensus to adopt a federal data privacy and breach notification statute, states are updating and refining their already-existing laws to enact more stringent requirements for companies. Two states...more