Rachel V. Rose, J.D., MBA

Rachel V. Rose, JD, MBA, breaks down the legal risks physicians face when investing in or dispensing from compounding pharmacies.

HHS-OCR settled four ransomware cases for $1.1M all tied to missing annual risk analyses. Are your safeguards up to date?

What covered entities need to know about valid authorizations, common defects and protecting patient privacy.

What practices need to know about "vishing" — the phone-based scam putting patient data and HIPAA compliance at risk.

Vanderbilt professor and health care entrepreneur Bruce J. Lynskey breaks down what companies and investors need to know before betting on AI in medicine.

OCR’s latest HIPAA settlement spotlights risk analysis failures and how ChatGPT, AI scribes, consent laws and evidence deletion reshape compliance.

HHS-OCR ramps up HIPAA enforcement: phishing settlement spotlights risk analyses, Security Rule gaps and urgent 2026 Part 2 NPP updates.

AI scribes streamline notes, but can trigger HIPAA, consent and Medicare compliance risks. Learn safeguards to avoid audits, liability and harm.

Make sure Notice of Privacy Practices are updated by Feb. 16.

The False Claims Act sees record settlements and lawsuits last year.

Explore the nuances between "split/shared" and "incident to" billing in health care, ensuring compliance with the latest CY 2026 Physician Fee Schedule.

A recent DOJ settlement highlights the risks of manipulating electronic health records for Medicare billing.

Stay vigilant this holiday season against cyberattacks with these tips on safe shopping, recognizing scams and protecting your information.

Understanding legal expenses is crucial for health care practices, covering initial and ongoing costs ensures compliance and mitigates risks.

Prosecutors tackle fraud in health care, highlighting the importance of compliance programs and anti-retaliation measures to protect whistleblowers.

Texas med spas are under new scrutiny. “Jenifer’s Law” tightens rules for IV infusions and cosmetic procedures, requiring proper licensing and physician supervision to protect patients and keep practices compliant.

A recent court ruling affirms CMS's authority in Medicare Advantage ratings, highlighting compliance challenges for providers and the importance of interpreter availability.

Explore the impact of AI in healthcare inspections, highlighting risks, ethical concerns, and compliance strategies for safe implementation.

Texas updates non-compete laws for healthcare professionals, while the FTC investigates restrictive employment agreements, urging compliance and fairness in contracts.

HHS prioritizes patient-centric healthcare, enhancing interoperability and access to health information while addressing privacy concerns and technology disparities.

A new Texas law, S.B. 1188, takes effect Sept. 1 setting rules for health data security, U.S.-based storage and use of artificial intelligence in medicine. Violations carry civil penalties.

The Ninth Circuit's ruling on EKRA reshapes compliance for healthcare entities, emphasizing the importance of understanding kickback laws and their implications.

Explore the intersection of HIPAA violations and the False Claims Act, highlighting compliance strategies to mitigate legal risks in healthcare.

Recent court rulings reshape reproductive health care privacy and regulations, emphasizing the need for updated HIPAA policies and awareness of state laws.

Understanding HIPAA's Privacy Rule clarifies how incidental disclosures in health care settings are permissible, ensuring patient privacy while facilitating essential communications.

The Open Payments Program reveals critical compliance issues in healthcare, highlighting recent legal cases and the importance of accurate financial reporting.

Practices must prepare for stricter fraud reporting and compliance as the DOJ Corporate Whistleblower Awards Pilot Program and bipartisan AI Whistleblower Protection Act expand protections beyond the False Claims Act.

Practice administrators seeking federal grants or contracts must look beyond HIPAA, completing SAM registration and adopting FAR 52.204‑21’s 15 essential cybersecurity controls to safeguard PHI, PII, FCI and CUI.

Two class-action lawsuits targeting the University of Maryland Medical Center and the University of Kansas Health System for years-long cyberstalking and unauthorized access to protected health information spotlight massive HIPAA risk-analysis failures and underscore the urgent need for stronger health care cybersecurity safeguards.

As biometric technologies expand in health care and consumer surveillance, regulators are cracking down on companies that misuse sensitive data — with HIPAA, FTC orders and billion-dollar state settlements setting the tone.