Does the U.S. Need a Data Protection Authority? (a few of my thoughts)

I had a wonderful discussion about privacy in the US vis-a-vis privacy in the EU with Katherine Teitler (@katherinert15) in connection with her MIS Training Institute article Does the U.S. Need a Data Protection Authority? As with most things, I do not propose to have all of the answers. In fact, in our hour or [...]

Are Smaller Healthcare Practices Required to Report a Ransomware or Potential Data Breach?

Does the HIPAA Breach Notification Rule apply to all Covered Entities and Business Associates, Even Smaller Ones? To many of you reading this post this question seems ridiculous. You know the answer. However, I get asked this question so frequently that I decided to answer it with a blog post to save time next time [...]