HIPAA/Health Information Privacy, Security & Breach Response

Closing the Privacy Gap: HIPRA Targets Health Apps and Wearables

November 19, 2025 By Sara Pullen, Angela Burnette and Jennifer Pike

Move over HIPAA…the health privacy landscape may be in for a shakeup. On November 4, 2025, Senator Bill Cassidy, M.D. (R-LA) introduced the Health Information Privacy Reform Act (HIPRA), a bill aimed at closing a gap in health data protections. HIPAA has long governed the privacy of traditional medical records held by health care providers […]

HIPAA Security Rule: Still on Track for Finalization

November 3, 2025 By Jennifer Everett, Kate Hanniford, Angela Burnette and Jennifer Pike

Since the HHS Office for Civil Rights’ (OCR) publication of a proposed rule to overhaul the HIPAA Security Rule in January 2025, many in the health care and privacy community have wondered whether the rule would quietly fade away. Some even hoped it might be “dead in the water.” However, despite sharp criticisms and industry […]

Unlocking the MIND Act: The Senate To Take on the Challenge of Neurotechnology

September 25, 2025 By Sara Pullen

On September 24, 2025, Ranking Member Cantwell (D-Wash.), Leader Schumer (D-NY), and Senator Markey (D-Mass.) announced they will introduce the “Management of Individuals’ Neural Data Act of 2025” (“MIND Act”). If enacted, the MIND Act will direct the Federal Trade Commission (“FTC”) to conduct a comprehensive study and report on the collection, processing, storage, sale, […]

New York Department of Health Issues Urgent Cybersecurity Warning Following U.S. Strikes on Iranian Nuclear Facilities

July 14, 2025 By Kim Peretti, Kate Hanniford, Angela Burnette, Jennifer Pike and Andrew Rice

The New York State Department of Health has issued an urgent cybersecurity advisory (the Advisory) warning of increased threat levels and a higher likelihood of cybersecurity attacks from Iranian state-backed actors following U.S. military strikes on the Fordow, Natanz, and Isfahan nuclear facilities in Iran. The Advisory warns that “intelligence sources indicate a high likelihood […]

New Artificial Intelligence Laws in Effect in Utah

June 13, 2025 By Jennifer Everett, Daniel Felz and Anna von Spakovsky

Utah Governor Spencer J. Cox signed three state AI bills into law that took effect May 7, 2025. These laws require businesses to make “you’re talking to a bot” disclosures and comply with privacy requirements when using AI in connection with consumer transactions, mental health chatbots, and certain content used for advertising, fundraising or endorsements. […]