All Posts

Any Port in a Storm? OCR Seeks Comments on HIPAA “Safe Harbor” for Recognized Security Practices

Earlier this month, HHS’s Office for Civil Rights (OCR) issued a Request for Information (RFI) seeking comments on a statutory provision adopted last year…

Read Post

Ignore Evolving Security Threats at Your Own Risk: OCR Raises Stakes on Cybersecurity in the Health Care Sector

OCR’s recent focus on cybersecurity in the health care sector sends a clear message to HIPAA covered entities and business associates: OCR expects you to…

Read Post
Tag Icon

Buyers Beware: the FTC’s Case Against CafePress Highlights Privacy and Data Security Risks in Corporate Transactions

Last week the Federal Trade Commission announced a privacy and data security enforcement action against the online retail platform CafePress. The allegations in the…

Read Post

Four and Counting: Utah on Verge of Becoming the Fourth State to Adopt a Comprehensive Consumer Privacy Law

The Utah Consumer Privacy Act (UCPA) is on the verge of becoming law after recently passing both chambers of the Utah legislature…

Read Post

A Prelude to Enforcement: Colorado AG Issues Remarks Opining on What Constitutes Reasonable Security Measures

Last month, on Data Privacy Day, Colorado’s Attorney General Philip Weiser released prepared remarks entitled “The Way Forward on Data Privacy and Data Security”…

Read Post