New HIPAA Privacy Rule Guidance
Client Alert | less than 1 min read | 12.04.02
The Department of Health and Human Services' Office of Civil Rights (OCR) has released a 100+ page guidance document on the HIPAA Privacy Rule. The guidance document discusses a broad array of topics in a Q&A format. OCR is the agency responsible for enforcing the Privacy Rule, so this guidance provides useful insight about the government's approach to some of the Privacy Rule's "hot topics". For example, OCR states that physicians with hospital staff privileges need not enter into business associate contracts with the hospital, because joint physician-hospital activities fall under the definition of "organized health care arrangement".
Insights
Client Alert | 7 min read | 12.17.25
After hosting a series of workshops and issuing multiple rounds of materials, including enforcement notices, checklists, templates, and other guidance, the California Air Resources Board (CARB) has proposed regulations to implement the Climate Corporate Data Accountability Act (SB 253) and the Climate-Related Financial Risk Act (SB 261) (both as amended by SB 219), which require large U.S.-based businesses operating in California to disclose greenhouse gas (GHG) emissions and climate-related risks. CARB also published a Notice of Public Hearing and an Initial Statement of Reasons along with the proposed regulations. While CARB’s final rules were statutorily required to be promulgated by July 1, 2025, these are still just proposals. CARB’s proposed rules largely track earlier guidance regarding how CARB intends to define compliance obligations, exemptions, and key deadlines, and establish fee programs to fund regulatory operations.
Client Alert | 1 min read | 12.17.25
Client Alert | 7 min read | 12.17.25
Executive Order Tries to Thwart “Onerous” AI State Regulation, Calls for National Framework
Client Alert | 2 min read | 12.16.25
