Columnist

Breach Report Begets Settlement

By Matt Fisher – Whenever an entity subject to HIPAA experiences a data breach, notification must be given to the Office for Civil Rights. Once OCR receives notification of a breach, an investigation will typically follow. That combination is a sure way for broader issues to be uncovered. That is the scenario that played out in the most recent settlement announced by OCR.

Read More

Always Listening, Always Leaking?

By Matt Fisher – Ambient listening technology is growing in many areas and being incorporated into a lot of different applications. What does the ambient listening do? It automatically picks up conversations and other sounds around it to be processed for one purpose or another.





HIPAA Enforcement Marches On (?)

By Matt Fisher – The Office for Civil Rights announced another cyber incident driven HIPAA civil monetary penalty on February 20, 2025. The settlement broke a one month lull in HIPAA enforcement announcements, though looking at the dates in the documents (all go back to the last quarter or so of 2024), it may not necessarily be an indication that enforcement of HIPAA remains an ongoing immediate priority.