“`html After more than a decade of operating under a Security Rule last substantively updated in 2013, US healthcare organizations now face a new compliance baseline. The Department of Health and Human Services finalized updates to the HIPAA Security Rule in 2025, converting several previously “addressable” implementation specifications into mandatory requirements. The most operationally significant […]
The European Union’s AI Act entered into force in August 2024. In February 2025, its first enforceable provisions took effect: a ban on AI systems categorized as unacceptable risk. These include social scoring systems, real-time biometric surveillance in public spaces, AI that exploits psychological vulnerabilities, and systems that manipulate behavior through subliminal techniques. By the […]
By: Jeremy Diebert, Chief Architect — PrettyFluid Technologies When we designed the core infrastructure for Zentinel, we made a decision that added significant engineering complexity: we built the system so that we would never be able to read the data stored in it. Every record that enters Zentinel is encrypted on the client side — […]
Twenty States. Twenty Privacy Laws. One Compliance Problem. As of mid-2025, more than twenty US states have enacted comprehensive consumer privacy laws. Virginia, Colorado, Connecticut, Utah, Texas, Florida, Montana, Oregon, Delaware, Iowa, Indiana, Tennessee, and others have joined California in establishing enforceable rights around data access, correction, deletion, and opt-out from sale and targeted advertising. […]
DOGE, Federal Systems, and the Data Access Question Nobody Wanted to Ask In early 2025, the Department of Government Efficiency gained access to a range of federal information systems at agencies including the Social Security Administration, the Department of Education, the Treasury Department, and others. The access was granted rapidly, without the standard security vetting […]
23andMe Filed for Bankruptcy. Your DNA Went With It. By: Christopher Perry, CEO — PrettyFluid Technologies In March 2025, 23andMe filed for Chapter 11 bankruptcy protection. The company that built a business on collecting, analyzing, and commercializing the genetic data of more than 15 million people was now in financial distress, and its most valuable […]
In January 2025, a Chinese AI lab called DeepSeek released an open-weight language model that matched or exceeded the performance of leading American AI systems at a fraction of the reported training cost. The release sent shockwaves through the technology industry. It also surfaced a set of data privacy questions that the rapid adoption of […]
In December 2024, PowerSchool — the largest K-12 education software provider in the United States — suffered a data breach that compromised the personal information of students and teachers across thousands of school districts. The breach was exposed in January 2025, when affected districts began notifying families. PowerSchool’s platform is used by more than 18,000 […]