The success of an artificial intelligence (AI) algorithm depends in large part upon trust, yet many AI technologies function as opaque ‘black boxes.’ Indeed, some are intentionally designed that way. This charts a mistaken course.

Continue Reading FTC Enforcement Highlights the Importance of Preserving Privacy in AI Development: How to Avoid AI Model Destruction

Recent decisions from the European Union (EU) have placed renewed focus on the use of common cookies used on ecommerce and other websites used by consumers and employees and transfers of personal data collected through cookies to the United States. The EU Data Protection Authorities (DPAs) found that the use of widely used website technologies (i.e., cookies and java script) to automatically collect identifiers from the users’ devices or through their use of internet protocols (e.g., IP addresses) resulted in the collection of personal data. The DPAs further found that the subsequent transfer of this data to Google servers located in the United States violated EU cross-border data transfer requirements because there were inadequate safeguards under the Schrems II decision invalidating the EU-US Privacy Shield. One notable impact of the decisions is to dismiss the adequacy of encryption technologies where the service provider (such as Google) has access to the cryptographic key and can be compelled to surrender it in order for the data to be decrypted and read by U.S. surveillance authorities. Consideration of the impact of these decisions is critically important for ecommerce and other websites operating in the EU, as well as more generally for organizations that transfer personal data of consumers and employees to the U.S.

Continue Reading Cookies Resulting in Cross Border Transfers of Personal Data to the United States Draw Scrutiny from European Data Privacy Regulators

Cyber threats and cybersecurity controls have evolved significantly over the past two decades since the HIPAA Security Rule were originally promulgated. During this same time, healthcare entities have increasingly become a prime target of hackers seeking to extort payment using ransomware, exfiltrate patient data to commit fraud, or disrupt operations in other nefarious ways.  Recognizing

On October 26, 2017, President Trump directed the Secretary of the Department of Health and Human Services (“Secretary”) to declare a National Public Health Emergency on the opioid epidemic. While the President offered few details regarding how his administration will address the challenge of treating patients struggling with opioid addiction, a previous statement from the

Updates to OIG FY 2017 Work Plan

The United States Department of Health and Human Services (“HHS”) Office of the Inspector General (“OIG”) recently updated its FY 2017 Work Plan. Traditionally, OIG’s annual Work Plan has given health care providers a preview of OIG’s enforcement priorities. With the OIG now making updates to its

WHEN: Thursday, February 26, 2015

TIME: 12:00pm – 1:30pm EST

To register for this webinar, please click here.

Please join us for a complimentary webinar addressing wireless health regulatory issues. This session will discuss recent trends in health technology regulation; including Food and Drug Administration (FDA) developments, Federal Communications Commission (FCC) requirements, wireless technology

By Adam Solander, Ali Lakhani and Wenxi Li

The increasing prevalence of mobile technology in the healthcare sector continues to create compliance concerns for physician practices and other health care entities.  While the Office of Civil Rights (OCR) of the Department of Health and Human Services, has traditionally focused on technology breaches within larger

By Marshall Jackson and Alaap Shah

If you have tuned into the news over the last few months, you are likely aware that several major corporations—including one of the nation’s largest retail chains—have suffered data breaches. These breaches have affected hundreds of millions of consumers, and in some cases exposed sensitive financial data such