New HIPAA Privacy Rule Guidance
Client Alert | less than 1 min read | 12.04.02
The Department of Health and Human Services' Office of Civil Rights (OCR) has released a 100+ page guidance document on the HIPAA Privacy Rule. The guidance document discusses a broad array of topics in a Q&A format. OCR is the agency responsible for enforcing the Privacy Rule, so this guidance provides useful insight about the government's approach to some of the Privacy Rule's "hot topics". For example, OCR states that physicians with hospital staff privileges need not enter into business associate contracts with the hospital, because joint physician-hospital activities fall under the definition of "organized health care arrangement".
Insights
Client Alert | 2 min read | 12.19.25
GAO Cautions Agencies—Over-Redact at Your Own Peril
Bid protest practitioners in recent years have witnessed agencies’ increasing efforts to limit the production of documents and information in response to Government Accountability Office (GAO) bid protests—often will little pushback from GAO. This practice has underscored the notable difference in the scope of bid protest records before GAO versus the Court of Federal Claims. However, in Tiger Natural Gas, Inc., B-423744, Dec. 10, 2025, 2025 CPD ¶ __, GAO made clear that there are limits to the scope of redactions, and GAO will sustain a protest where there is insufficient evidence that the agency’s actions were reasonable.
Client Alert | 7 min read | 12.19.25
In Bid to Ban “Woke AI,” White House Imposes Transparency Requirements on Contractors
Client Alert | 5 min read | 12.19.25
Navigating California’s Evolving Microplastics Landscape in 2026
Client Alert | 19 min read | 12.18.25
2025 GAO Bid Protest Annual Report: Where Have All the Protests Gone?
