Elliot R. Golding

Subscribe to Elliot R. Golding's Posts
Elliot Golding provides business-oriented privacy and cybersecurity advice to global companies spanning virtually every sector of the economy, with particular expertise in the technology, health care/life sciences, retail/ecommerce, automotive and financial sectors. His practical approach gives clients actionable advice to help balance legal risk with business needs, particularly relating to innovative issues such as “digital health” technologies, biometrics, the Internet of Things, data monetization, online advertising technology and Artificial Intelligence/Machine Learning tools. He provides both day-to-day product counseling and helps companies develop global compliance programs that harmonize CCPA/CPRA (and equivalent laws in Virginia, Colorado, and Utah); GDPR and other international laws; specific rules in the highly regulated health and financial sectors (HIPAA/HITECH, ONC Information Blocking and CMS Interoperability Rules, 42 CFR Part 2, the Common Rule, GLBA, and state equivalents); marketing rules (TCPA, CANSPAM, and industry self-regulatory standards); security standards (such as PCI-DSS, NIST, and ISO); and many others. Elliot has also managed hundreds of breaches and ransomware attacks, guiding clients through all aspects of investigation, notification, remediation and engagement with regulators. Read Elliot Golding's full bio.

OCR Update on Tracking Technologies Provides Little Relief for HIPAA-Regulated Entities

By , , , , and on May 14, 2024
Posted In Digital Health, Employee Benefits, Health and Welfare Plans, Privacy and Data Security

On March 18, 2024, the US Department of Health and Human Services Office for Civil Rights (OCR) issued an update to its December 1, 2022, bulletin titled “Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.” In releasing the 2024 update, OCR stated that its purpose was to “increase clarity for regulated...

Continue Reading

Key Takeaways | How to Prepare for New State Health Privacy Laws

By and on Apr 16, 2024
Posted In Employee Benefits, Health and Welfare Plans, Privacy and Data Security

New state privacy laws regulating health data impose significant obligations and heightened litigation and regulatory risks. During this webinar, Elliot Golding and Sam Siegfried discussed how these laws apply, what they require, and practical tips to implement and operationalize compliance. Access key takeaways and webinar replay.

Continue Reading

State Regulators Step Up Privacy Enforcement Relating to Employee Data

By and on Sep 5, 2023
Posted In Privacy and Data Security

Regulators in California and Colorado recently announced enforcement sweeps under new and newly updated state privacy laws. Companies in Colorado (including nonprofits) and California should double-check their privacy notices, processes and documentation to comply with these laws, particularly the enforcement priorities identified in the notices. Read more here.

Continue Reading

HHS Issues Guidance on Requirements Under HIPAA for Online Tracking Technologies, Addressing Privacy and Security Concerns Related to Health Information

By , , , , and on Dec 20, 2022
Posted In Privacy and Data Security

On December 1, 2022, the Office for Civil Rights (OCR) at the US Department of Health and Human Services (HHS) issued a Bulletin on the obligations of covered entities and business associates (regulated entities) under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy, Security, and Breach Notification Rules (HIPAA Rules) when using online tracking...

Continue Reading




Top ranked chambers 2022
US leading firm 2022