Recently, according to several sources, including MSN, Bank of America’s third-party data destruction vendor experienced a breach.
Documents containing personally identifiable information (PII), intended for shredding, were discovered in unsealed containers outside the vendor’s location.
The old saying, “hindsight is 20/20,” rings painfully true. It’s always easier to spot the flaws in procedures after a security lapse has occurred.
The United States continues to operate without a comprehensive federal consumer privacy law as the American Privacy Rights Act remains subject to further amendments and uncertainty. Consequently, nineteen states enacted comprehensive consumer privacy legislation, of which eight are becoming or have become effective in 2025, and some existing state privacy laws have been amended since their enactment. This fragmented approach creates compliance complexities and operational considerations for organizations operating at state and national levels.
This week, we examine the risks tied to diversity, equity, and inclusion (DEI) initiatives that employers face due to the Trump administration’s executive orders and the ensuing scrutiny from federal agencies, including the Equal Employment Opportunity Commission.
A recent study from Kodiak Solutions revealed the collection rate for providers from commercially insured patients dropped by more than 3 percentage points, from 37.6% in 2023 to 34.4% in 2024. The decline is creating substantial revenue cycle management challenges.
On March 10, Christopher Mufarrige, the newly-appointed Director of the Bureau of Consumer Protection at the Federal Trade Commission (FTC), published a blog explaining the significance of Civil Investigative Demands (CIDs) for businesses and the ramifications for failing to respond. The Director warns that “[i]f your business receives such a demand for information, we expect you to respond in a reasonable and timely manner or face legal consequences.”
.jpg)
.jpg)