On August 22, the United States filed its complaint-in-intervention (Complaint) against the Georgia Institute of Technology (Georgia Tech) and Georgia Tech Research Corp. (GTRC, collectively, defendants), asserting claims that the defendants knowingly failed to meet cybersecurity requirements in connection with certain Department of Defense (DoD) contracts in violation of the False Claims Act.Continue Reading United States Files First Complaint Under the Civil Cyber-Fraud Initiative

I recently authored a two-part article series published on The Compliance & Ethics Blog highlighting key updates in healthcare fraud compliance and enforcement, including insights from the firm’s annual 2023 Healthcare Fraud & Abuse Review and updates thus far in 2024. Continue Reading Series on Healthcare Fraud Risk for The Compliance & Ethics Blog

The United States notified the U.S. District Court for the Northern District of Georgia that it plans to intervene in a False Claims Act case filed against Georgia Tech Research Corporation (Georgia Tech) by its Associate Director of Cybersecurity and former Principal Information Security Engineer (the relators). Continue Reading The United States Intervenes in its First False Claims Act Cybersecurity Case

Last month, the Federal Acquisition Regulatory Council proposed new cybersecurity and incident reporting regulations for federal contractors on behalf of the Department of Defense (DoD), the General Services Administration (GSA), and the National Aeronautics and Space Administration (NASA). Continue Reading Cyber Incident Reporting May Be “Material” for Federal Contractors

We recently authored an article for ABA Health eSource, published by the American Bar Association’s Health Law Section, that details the expanded focus on cybersecurity activities by the Department of Justice (DOJ) with the Civil Cyber-Fraud initiative.
Continue Reading Expanded Focus on Cybersecurity Activities by DOJ with Civil Cyber-Fraud Initiative

I was recently interviewed on the Healthcare Strategies podcast about how the Department of Justice (DOJ) is enforcing the Civil Cyber-Fraud Initiative to hold healthcare organizations accountable for cybersecurity matters. The Initiative, launched by DOJ in October 2021, utilizes the False Claims Act (FCA) to take action against entities that knowingly provide insufficient data security measures.
Continue Reading DOJ’s Civil Cyber-Fraud Initiative Impact on Healthcare Organizations

On March 8, the Department of Justice (DOJ) announced the first settlement under its Civil Cyber-Fraud Initiative, as Comprehensive Health Services, LLC (CHS), a global medical services provider, agreed to pay $930,000 in part to resolve False Claims Act (FCA) allegations regarding cyber fraud. The government alleged that CHS contracted with the State Department to provide a secure electronic medical record (EMR) system to store patients’ medical records and submitted claims for the costs of this work, but failed to disclose that it had not consistently stored patients’ medical records on a secure EMR system.
Continue Reading First False Claims Act Settlement under DOJ’s Cyber-Fraud Initiative

As discussed in a previous post, the Department of Justice (DOJ) has announced a new Civil Cyber-Fraud Initiative to utilize one of the strongest tools in its toolbox—the False Claims Act—to hold entities receiving federal dollars accountable where it believes they are failing to meet their cybersecurity obligations.
Continue Reading What Does the DOJ’s New Civil Cyber-Fraud Initiative Mean for You?