As noted in the FTC alert from Lisa Weintraub Schifferle, an attorney with the FTC’s Division of Consumer & Business Education, thanks to a new federal law, soon you can get free credit freezes and year-long fraud alerts....more
It is the last day of Bio 2018 and I am attending a curiously titled session: Is Biotechnology Drowning in Health Related Data? The panel’s answer to that question is “no” — in fact, they all agreed there isn’t enough data...more
The late rapper known as The Notorious B.I.G. recorded a song called, “Mo Money, Mo Problems.” Many of the lyrics can’t be repeated here, but the refrain can:
“It’s like the more money we come across
The more problems we...more
It took three days, but I finally found a panel at BIO 2018 that addressed the current challenges in privacy and security regarding health data. This panel, Realizing the Potential of Clinical and Consumer Genomics, was...more
I am attending BIO 2018 in Boston, just steps from our Boston office. Naturally, I was drawn to yesterday’s session on “Life Sciences Cyber Exposures and Risk Mitigation Considerations.” But I came away disappointed. First of...more
It’s probably not going to change anything, but the Democratic National Committee has sued Russia (and members of the Russian establishment), members of the Trump campaign, and Wikileaks regard the 2016 election security...more
Cultural gap between the EU and the US -
EU Data Protection Rules -
Why should you care about those rules?
..GDPR is « general » i.e. it applies to all activities including the Healthcare/Life Sciences.
..As of...more
Partner Colin Zick was recently invited to speak to the Union College Computer Science Department’s Seminar Series. His presentation addressed the difficulties in implementing encryption in the workplace, the challenges to...more
Recent legislation in the New York State Assembly reflects a growing governmental interest in blockchain as a technology in cybersecurity systems. On November 27, four different bills addressing blockchain technologies were...more
As you enjoy the holiday weekend, and even some Cyber Monday shopping, keep in mind these online shopping tips from the FTC:
..Know the seller and the item. Put the company or product name in a search engine, along with...more
11/27/2017
/ Credit Cards ,
Cyber Crimes ,
Cyber Monday ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Gift-Cards ,
Holidays ,
Internet Retailers ,
Personally Identifiable Information ,
Phishing Scams
Following President Trump’s declaration of a nationwide public health emergency regarding the opioid crisis, the HHS Office for Civil Rights has released new guidance on when and how health care providers can share a...more
The new GDPR is much more detailed than the 1995 Directive. The GDPR has 99 articles, versus 34 in the Directive. And a few new key concepts clearly require new guidance....more
Interesting viewpoints from this Journal of the American Medical Association article on FDA’s August 2017 notice re: cyber security issues with certain pacemakers, including:...
...more
A 152 page judgment was rendered on October 3, 2017 by the Irish High Court in Schrems II: DPC v Facebook Final.
Nor surprisingly, the court decided to refer the case to the Court of Justice of the European Union to make...more
As most are aware, the Massachusetts Attorney General has won the race to the courthouse and been the first regulator to file suit against Equifax....more
As we previously said, the Equifax breach affects approximately 143 million Americans. While the hackers stole data that includes addresses, birth dates, full names and Social Security numbers, there are steps you can take...more
Me and 143 million of my closest friends may have had our personal information inappropriately accessed through a breach at Equifax–is there no safe haven anywhere? Deferring that question for another day, here are the...more
Great article in the Wall Street Journal this week (paywall), on the history of passwords and password management. I did not know that the seeming obsession with passwords featuring a strange mixing of capital letters,...more
First, the basic facts about the recent ransomware attack:
..US-CERT has received multiple reports of WannaCry ransomware infections in several countries around the world.
..Ransomware is a type of malicious software that...more
If you check your email this afternoon, you may see a message that someone you know is sharing something on Google Docs....more
The Economist certainly thinks computer security is broken (and it’s hard to argue the contrary). In its April 8 edition, The Economist’s cover story proclaims, “Why computers will never be safe.” While that’s good news for...more
On February 16, 2017, HHS OCR announced that Memorial Healthcare Systems (MHS) had paid the U.S. Department of Health and Human Services (HHS) $5.5 million to settle potential violations of HIPAA’s Privacy and Security Rules...more
2/20/2017
/ Conflict Resolution ,
Corrective Actions ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
Identity Theft ,
OCR ,
Personal Data ,
Personally Identifiable Information ,
Security Rule
More information from HHS OCR about the phishing threat...
..On November 28, 2016, the HHS Office for Civil Rights issued a listserv announcement warning covered entities and their business associates about a phishing...more
This alert just in from HHS OCR:
“It has come to our attention that a phishing email is being circulated on mock HHS Departmental letterhead under the signature of OCR’s Director, Jocelyn Samuels. This email appears to...more
As part of the ongoing HHS OCR HIPAA audit initiative, it is conducting “HIPAA desk audits.” These audits don’t involve auditors coming in your facility. Instead, covered entities are being asked to submit documents on...more