Cyber Risk, HIPAA & AI Policy Updates – 10/24/2025

This compliance intelligence digest highlights critical updates, including a hospital firing employees for HIPAA violations and a severe Adobe Commerce flaw under active attack. New York’s DFS issued guidance on third-party cyber risk, while a $14 billion crypto bust offers hope against cybercrime. Stay informed with these key insights to safeguard your organization.

Top 5 Critical Compliance Alerts

  • Florida Hospital Fires Employees for Taking Unauthorized Photographs of Sedated Patients: Four employees were terminated for allegedly taking unauthorized photographs of patients.
  • Fear the ‘SessionReaper’: Adobe Commerce Flaw Under Attack: CVE-2025-54236 is a critical flaw in Adobe Commerce (formerly Magento) that allows attackers to remotely take over sessions.
  • Good Guidance on Third-Party Cyber Risk: New York regulators released guidance about managing cybersecurity risks of third-party technology providers.
  • US Crypto Bust Offers Hope in Battle Against Cybercrime Syndicates: A $14 billion seizure by US investigators warns cybercriminals relying on bitcoin.
  • Tired of Unpaid Toll Texts? Blame the ‘Smishing Triad’: Chinese smishers shift to lower-frequency, higher-impact government impersonation attacks.

Compliance Frameworks

  • Florida Hospital Fires Employees for Taking Unauthorized Photographs of Sedated Patients: Four employees were terminated for allegedly taking unauthorized photographs of patients, raising HIPAA concerns.

Regulatory Updates

  • Good Guidance on Third-Party Cyber Risk: New York regulators released guidance about managing cybersecurity risks of third-party technology providers.
  • Expired Federal Telehealth Waivers: Key Changes in Medicare Reimbursement Requirements for Telehealth Providers: Federal government telehealth flexibilities expired, impacting Medicare reimbursement.

Audit & Monitoring Tools

  • AuditBoard to Acquire AI Governance Platform FairNow: AuditBoard will acquire FairNow, an AI governance platform with AI registry, risk assessments, and compliance features.
  • Optera Adds AI-Powered Data Ingestion to Emissions Platform: Optera added AI-powered data ingestion to its emissions platform, converting raw energy bills into auditable emissions data.
  • FlexTecs Launches Inbox Automation Tool for AP Teams: FlexTecs launched AP Inbox Assist, using AI to automate accounts payable inbox management.

Third-Party Risk & Due Diligence

  • Good Guidance on Third-Party Cyber Risk: New York regulators released guidance about managing cybersecurity risks of third-party technology providers.

Policy & Governance Updates

  • AI Innovation Act Would Bring New Era to Financial Services Industry: The Unleashing AI Innovation in Financial Services Act aims to accelerate responsible AI experimentation.
  • AI in Employment-Related Decisions Part 2: State Strategies to Address Pressure and What It Means for Employers: State lawmakers recalibrate approaches to regulating AI use in employment decisions.
