It’s probably not going to change anything, but the Democratic National Committee has sued Russia (and members of the Russian establishment), members of the Trump campaign, and Wikileaks regard the 2016 election security...more
Partner Colin Zick was recently invited to speak to the Union College Computer Science Department’s Seminar Series. His presentation addressed the difficulties in implementing encryption in the workplace, the challenges to...more
As you enjoy the holiday weekend, and even some Cyber Monday shopping, keep in mind these online shopping tips from the FTC:
..Know the seller and the item. Put the company or product name in a search engine, along with...more
11/27/2017
/ Credit Cards ,
Cyber Crimes ,
Cyber Monday ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Gift-Cards ,
Holidays ,
Internet Retailers ,
Personally Identifiable Information ,
Phishing Scams
Interesting viewpoints from this Journal of the American Medical Association article on FDA’s August 2017 notice re: cyber security issues with certain pacemakers, including:...
...more
As most are aware, the Massachusetts Attorney General has won the race to the courthouse and been the first regulator to file suit against Equifax....more
As we previously said, the Equifax breach affects approximately 143 million Americans. While the hackers stole data that includes addresses, birth dates, full names and Social Security numbers, there are steps you can take...more
Me and 143 million of my closest friends may have had our personal information inappropriately accessed through a breach at Equifax–is there no safe haven anywhere? Deferring that question for another day, here are the...more
If you check your email this afternoon, you may see a message that someone you know is sharing something on Google Docs....more
On February 16, 2017, HHS OCR announced that Memorial Healthcare Systems (MHS) had paid the U.S. Department of Health and Human Services (HHS) $5.5 million to settle potential violations of HIPAA’s Privacy and Security Rules...more
2/20/2017
/ Conflict Resolution ,
Corrective Actions ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
Identity Theft ,
OCR ,
Personal Data ,
Personally Identifiable Information ,
Security Rule
As part of the ongoing HHS OCR HIPAA audit initiative, it is conducting “HIPAA desk audits.” These audits don’t involve auditors coming in your facility. Instead, covered entities are being asked to submit documents on...more
Another day, another 500 million Yahoo accounts reached. Our friends at the FTC are right on top of this with guidance for individuals with Yahoo accounts. First and foremost, change your Yahoo password....more
Catholic Health Care Services of the Archdiocese of Philadelphia (“CHCS”), a HIPAA business associate, has agreed to pay the Department of Health and Human Services Office of Civil Rights (“OCR”) $650,000 in connection with a...more
How much does the question of harm matter in cybersecurity law? The answer is: It depends on who is bringing the claim.
Businesses confronting data breaches can face litigation from private consumers as well as from...more
2/18/2016
/ Article III ,
Clapper v. Amnesty International ,
Cybersecurity ,
Data Breach ,
Enforcement Actions ,
FTC v Wyndham ,
Injury-in-Fact ,
LabMD ,
Neiman Marcus ,
Securities and Exchange Commission (SEC) ,
Standing ,
Unfair or Deceptive Trade Practices ,
Wyndham
This month’s edition of the Advanced Cyber Security Center’s newletter includes my discussion of lessons to be learned from the Wyndham decision:
Historically, security was an issue reserved in a back room for the IT...more
10/1/2015
/ Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
FTC v Wyndham ,
Hackers ,
Identity Theft ,
Personally Identifiable Information ,
Privacy Policy ,
Securities and Exchange Commission (SEC) ,
Unfair or Deceptive Trade Practices
We welcome this guest blog by Gene Fry, Compliance Officer, Scrypt, Inc.
The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for protecting sensitive patient data. This means that any...more
2/24/2015
/ Business Associates ,
Covered Entities ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Electronic Medical Records ,
Electronically Stored Information ,
Encryption ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
PHI
In This Presentation:
- Overview of data breach landscape
- Data breach response
..Technical best practices
..Legal best practices
- Data breach prevention
..Technical best practices
..Legal best...more
On January 18, 2013, nearly four years after the passage of the HITECH Act and its amendments to HIPAA, and nearly three years after it proposed regulatory amendments, the U.S. Department of Health and Human Services (“HHS”)...more