In August, the California Privacy Protection Agency (CPPA) released its initial draft regulations for cybersecurity audits and risk assessments under the California Privacy Rights Act (CPRA). While the CPPA has not yet...more
10/13/2023
/ Artificial Intelligence ,
California ,
California Privacy Protection Agency (CPPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Machine Learning ,
Personal Information ,
Popular ,
Risk Assessment ,
State Privacy Laws
PharMerica and its subsidiary Amerita’s Specialty Infusion Services (Amerita) are already facing class action lawsuits after patients received a September 5, 2023, data breach notification letter. When the businesses detected...more
CYBERSECURITY -
CISA Launches Cybersecurity Public Awareness Campaign -
To kick off the twentieth annual Cybersecurity Awareness Month, the Cybersecurity and Infrastructure Security Agency (CISA) has announced that CISA...more
CYBERSECURITY -
Joint Advisory Warns of Snatch Ransomware -
The FBI and CISA issued a Joint Cybersecurity Advisory “#StopRansomware: Snatch Ransomware” on September 20, 2023. The Advisory outlines the indicators of...more
On September 8, 2023, the California Privacy Protection Agency (CPPA) will discuss the two new sets of proposed California Privacy Protection Act (CCPA) regulations. Here is a breakdown of the two new proposed regulations and...more
9/8/2023
/ Artificial Intelligence ,
Audits ,
Automation Systems ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Machine Learning ,
Risk Assessment
CYBERSECURITY -
Joint Commission Issues Alert on Patient Safety After a Cyber-Attack -
On August 15, 2023, the Joint Commission issued a Sentinel Event Alert entitled “Preserving patient safety after a cyberattack,”...more
CYBERSECURITY -
CISA Issues Four More Industrial Control Systems Advisories -
On August 22, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) issued four more advisories related to industrial control...more
8/25/2023
/ Artificial Intelligence ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Governance ,
Machine Learning ,
Personal Data ,
Vulnerability Assessments
Earlier this month, the Commissioner of Data Protection of the Dubai International Financial Centre (DIFC), a financial free-zone in the United Arab Emirates (UAE), issued the first adequacy decision regarding the California...more
In October 2022, Advocate Aurora Health notified 3 million individuals of a data breach resulting from its use of tracking pixels on its website for tracking website visitor activity. Now, this month, Advocate Aurora Health...more
8/25/2023
/ Class Action ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Protection ,
Data Security ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Privacy Policy ,
Web Tracking
CYBERSECURITY -
CISA Issues Two Industrial Control Systems Advisories -
The Cybersecurity and Infrastructure Security Agency (CISA) recently issued “timely information about current security issues, vulnerabilities, and...more
8/21/2023
/ California Privacy Protection Agency (CPPA) ,
Connected Cars ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Brokers ,
Data Privacy ,
Data Protection ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
QR Codes ,
Regulatory Agenda ,
Vulnerability Assessments
Recently, the California Privacy Protection Agency (CPPA) announced its new initiative in investigating the data privacy practices of connected vehicle (CV) manufacturers and the related technologies. Generally, the CPPA will...more
8/18/2023
/ Automation Systems ,
Automotive Industry ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Connected Cars ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Innovative Technology ,
Motor Vehicles ,
Privacy Concerns
The White House hosted a roundtable meeting Tuesday on the data brokering industry as a part of an administration-wide push toward strengthening America’s consumer privacy landscape. The meeting brought together researchers,...more
8/18/2023
/ Biden Administration ,
Consumer Financial Protection Bureau (CFPB) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Brokers ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Fair Credit Reporting Act (FCRA) ,
Information Governance ,
Patient Privacy Rights ,
Personal Data ,
Regulatory Agenda ,
Regulatory Reform ,
Regulatory Requirements ,
Reproductive Healthcare Issues
The California Attorney General recently announced an initiative to investigate employers’ non-compliance with the California Consumer Privacy Act/California Privacy Rights Act (collectively the CCPA)....more
8/4/2023
/ California ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Employee Privacy Rights ,
Regulatory Oversight ,
State Attorneys General
CYBERSECURITY -
SEC Adopts New Cybersecurity Rules for Public Companies -
In a 3-2 vote, the Securities and Exchange Commission (SEC) adopted new cybersecurity rules yesterday (July 26, 2023) applicable to public...more
7/28/2023
/ Artificial Intelligence ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Justice (DOJ) ,
Federal Trade Commission (FTC) ,
Hackers ,
Information Technology ,
Machine Learning ,
Securities and Exchange Commission (SEC)
A plan for an enforcement program under the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA) (collectively CCPA) is on its way from the California Privacy Protection Agency (CPPA). Despite a recent...more
7/28/2023
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Enforcement Guidance ,
State Privacy Laws
CYBERSECURITY -
Patch Adobe ColdFusion Vulnerabilities Being Exploited in the Wild ASAP -
Adobe has issued alerts on three vulnerabilities affecting its ColdFusion product. The first alert, issued on July 11, 2023,...more
7/24/2023
/ Adobe ,
Artificial Intelligence ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Drones ,
EU ,
Hackers ,
Machine Learning ,
Vulnerability Assessments
CYBERSECURITY -
Unpatched Fortinet Vulnerability Being Exploited by Threat Actors -
According to cybersecurity researchers at Bishop Fox, “hundreds of thousands” of FortiGate firewalls have not been patched against a...more
This week, the California Superior Court ruled that the California Privacy Protection Agency (CPPA) cannot begin enforcement of the California Privacy Rights Act (CPRA) until March 2024. The ruling stems from a lawsuit filed...more
On May 17, 2023, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement with MedEvolve, Inc. for $350,000. MedEvolve provides practice and revenue cycle management and practice...more
5/19/2023
/ Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Violations ,
OCR ,
PHI ,
Settlement ,
Software
CYBERSECURITY -
FDD Suggests Space Systems be Designated as Critical Infrastructure -
The Foundation for Defense of Democracies (FDD) issued a Report late last week entitled Time to Designate Space Systems as Critical...more
CYBERSECURITY FBI, CISA + MS-ISAC Warn of LockBit 3.0 Ransomware The FBI, CISA and the Multi-State Information Sharing and Analysis Center (MSISAC) recently released a joint cybersecurity advisory, warning organizations about...more
3/24/2023
/ Artificial Intelligence ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
FBI ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
TikTok ,
Vulnerability Assessments
CYBERSECURITY -
World Economic Forum’s Global Cybersecurity Outlook for 2023 Is Bleak -
Sorry to be the bearer of bad news but remember that I am only the messenger. According to the World Economic Forum’s Global...more
2/9/2023
/ California Consumer Privacy Act (CCPA) ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Hackers ,
Information Technology ,
Popular ,
Social Engineering ,
Vulnerability Assessments
The Office of the California Attorney General recently announced that it will initiate an investigative sweep and will start sending letters to businesses about their mobile apps for failure to comply with the California...more
2/3/2023
/ California ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Information Governance ,
Mobile Apps ,
Regulatory Violations ,
State Attorneys General
CYBERSECURITY -
Chick-Fil-A Sued for Sharing Data through Meta Pixel -
While plaintiffs’ attorneys were initially focused late last year on suing health care entities for using Pixel and other tracking technology to share...more
1/27/2023
/ California Privacy Rights Act (CPRA) ,
Chick-Fil-A ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Protection ,
Data-Sharing ,
Fast-Food Industry ,
Popular ,
Scams ,
Statutory Violations ,
T-Mobile ,
Web Tracking
The California Privacy Protection Agency (CPPA) Board will hold its third public hearing on February 3, 2023, at 10 am PST.
The meeting will open with the Chairperson’s Update, during which CPPA Chairperson Jennifer...more