DOJ’s BSD Rule: Key Risks for Health Care & Life Sciences

Trending News

Texas Business Court Dismisses Out-of-State Defendants for Lack of Personal Jurisdiction in Trailer Financing Dispute

Tennessee Enacts New Restrictions on Noncompete Agreements

NYDFS Reaffirms State Fair Lending Obligations

The Rule of Law Cannot Work in Reverse

What My Defense Tech Clients Are Teaching Me About Business

$3.425 Billion. One Year. A Wake-Up Call for Every Business Operating in the United States.

Law Firm Marketing Has a Measurement Problem. Here's What It's Actually Costing You.

Navigating DOJ’s New Corporate Enforcement Landscape: Key Considerations for Environmental Voluntary Self-Disclosures

EB-2 NIW vs. EB-3: Why High-Skilled Professionals Should Know the Difference

A New DOL Joint Employment Rule? What Franchisors Need to Know

Laura J. DePonio

Email

617-603-1074

Bio and Articles

Elizabeth J. McEvoy

Email

617-603-1095

Bio and Articles

Elena M. Quattrone

Email

212-351-4685

Bio and Articles

Find Your Next Job !

IP Litigation Attorney

NLR-Wickard Legal AI Pathways Fellowship

Labor and Employment Law Attorney

Explore More Job Openings

Diagnosing Health Care® – Episode 93: DOJ’s Bulk Sensitive Data Transfer Rule: Key Insights for Health Care Compliance Teams [Podcast}

by: Laura J. DePonio, Elizabeth J. McEvoy, Elena M. Quattrone, Epstein Becker & Green, P.C. - Diagnosing Health Care Podcast

Thursday, April 16, 2026

Print Mail Download info_icon_img

info_icon_img

What health care and life sciences organizations need to know:

“Bulk” Has a New Definition: The volume thresholds under the U.S. Department of Justice’s (DOJ’s) Bulk Sensitive Data (BSD) Transfer Rule are surprisingly low—sharing genomic data on just 100 people can trigger compliance requirements, catching many organizations off guard.
HIPAA Compliance Is Not Enough: The BSD Transfer Rule creates an entirely new compliance layer that goes beyond existing privacy frameworks, such as the Health Insurance Portability and Accountability Act (HIPAA), applying even when data has been de-identified or anonymized.
It’s About Access, Not Just Transfers: Simply giving a foreign vendor, board member, or investor the ability to view sensitive data can trigger the BSD Transfer Rule—no formal data-sharing agreement is required.

In this episode of Diagnosing Health Care^®, Epstein Becker Green attorneys Laura DePonio, Elizabeth McEvoy, and Elena Quattrone walk health care and life sciences organizations through the DOJ’s BSD Transfer Rule—from scoping and compliance to enforcement risks and exemptions.

Current Public Notices

Post Your Public Notice Today!

PUBLIC NOTICE OF AUCTION OF ASSETS: Colorado Property Management Company

Published: 13 May, 2026

PUBLIC NOTICE OF UCC ARTICLE 9 SALE: Scope Technologies US Inc.

Published: 12 May, 2026

PUBLIC NOTICE OF UCC ARTICLE 9 SALE: 2180 HOLDINGS COMPANY INC, M.L. JONES, LLC, AND ML JONES PREFABRICATION, LLC

Published: 11 May, 2026

PUBLIC NOTICE OF UCC ARTICLE 9 SALE: Wavy Media LLC and Wavy Property Management LLC

Published: 11 May, 2026

PUBLIC NOTICE OF UCC ARTICLE 9 SALE: Jamp Stokesbury, LP

Published: 11 May, 2026

PUBLIC NOTICE OF UCC ARTICLE 9 SALE: GSPP Bristol, LLC

Published: 11 May, 2026

PUBLIC NOTICE OF UCC ARTICLE 9 SALE: 777 Partners LLC

Published: 6 May, 2026

PUBLIC NOTICE OF UCC ARTICLE 9 SALE: B2B Cloud Software Business

Published: 5 May, 2026

PUBLIC NOTICE OF UCC SALE: Fulton SCG Member, LLC

Published: 27 April, 2026

PUBLIC NOTICE OF AUCTION OF ASSETS: All American Roofing & Waterproofing, Inc

Published: 21 April, 2026

PUBLIC NOTICE 363 SALE: Michael J. Parrella

Published: 20 April, 2026

PUBLIC NOTICE OF UCC SALE: 727 Lofts Best Living, LLC

Published: 8 April, 2026

NOTICE OF DISSOLUTION: Clear View Productions, Inc.

Published: 27 March, 2026

Discover more public notices

Current Legal Analysis

FinCEN's IRGC Alert: What Financial Institutions Need to Know About Iran's Oil Smuggling and Shadow Banking Networks FinCEN’s IRGC Alert: What Financial Institutions Need to Know About Iran’s Oil Smuggling and Shadow Banking Networks

by: Jonathan "Jack" Harrington , Howard W. Herndon

The EU’s New Anti-Corruption Directive—What it Means for Global Companies as FCPA Enforcement Shifts

by: Luke Cass , Audrey Karman

Estate Planning for Patent Holders

by: Rebecca K. Wrock , Timothy D. Kroninger

Trending in Telehealth: April 2026

by: Amanda Enyeart , Jayda Greco

Medicaid Behavioral Health Investigations and Payment Suspensions in D.C. Are Increasing – How Providers Can Limit Risk

by: Sarah M. Hall , Chloe T. Hillard

More from Epstein Becker & Green, P.C.

Medicaid Behavioral Health Investigations and Payment Suspensions in D.C. Are Increasing – How Providers Can Limit Risk

by: Sarah M. Hall , Chloe T. Hillard

‘Emilie’ Is Not a Psychiatrist - Pennsylvania Board of Medicine Alleges Unlawful Practice of Medicine by an AI Chatbot

by: Frances M. Green , Alaap B. Shah

Words Matter- How to Draft Arbitration Agreements That Hold Up in Court [Video]

by: Jonathan M. Brenner , Victoria Sloan Lin

One Nation, One Privacy Law: GOP Introduces Federal Privacy Legislation

by: Frances M. Green , Eleanor T. Chung

DOJ’s West Coast Strike Force to Target Health Care Fraud in Arizona, Nevada, and Northern California

by: Sarah M. Hall , Jeremy A. Avila

Tennessee Enacts New Restrictions on Noncompete Agreements

by: David J. Clark

FTC and DOJ Respond to Supreme Court of Tennessee on Accreditation

by: E. John Steren , Patricia M. Wagner

DOL Proposes New Safe Harbor for Selection of Designated Investment Alternatives for Defined Contribution Plans

by: Heather Stone Fletcher , Briar L. McNutt

FDA Proposal Would Leave Semaglutide, Tirzepatide, and Liraglutide Off 503B Bulks List

by: Daniel L. Fahey , Erin Sutton

Joint Employment, Misclassification, I-9s, and Web Accessibility- New Rules and Rulings Reshape Employer Risk [Video]

by: George Carroll Whipple, III

Critical Infrastructure at Risk: Project Glasswing Urges Attention to AI-Driven Cyber-Risks

by: Alaap B. Shah , Brian G. Cesaratto

The DOJ’s Bulk Sensitive Data Rule and Your Obligation to “Know Your Reporting Requirements”

by: Elizabeth J. McEvoy , Elena M. Quattrone

Employment Law This Week - NLRB Could Soon Have a Three-Person Republican Majority [Video]

by: Michael S. Ferrell , George Carroll Whipple, III

Utah Bans Post-Employment Noncompetes for Healthcare Workers Effective May 6, 2026

by: Laura E. Holtan , Daniel R. Levy

Maine Restricts Noncompetes for Health Care Practitioners

by: Laura E. Holtan , Daniel R. Levy

Upcoming Events

May

21

2026

From Fake Citations to Sanctions: AI Failures by Lawyers, Judges, & BigLaw in 2026

Jun

11

2026

Preparing Law Students for AI in Transactional Practice: What Law Schools Should Know (Pres. by Spellbook and Wickard)

May

14

2026

Insurance Coverage Master Class series: Getting To It: Commercial General Liability Coverage for Rip and Tear

May

19

2026

Insurance Coverage Master Class series: Bad Faith Across the Badlands

Print