CYBERSECURITY -
Unpatched Fortinet Vulnerability Being Exploited by Threat Actors -
According to cybersecurity researchers at Bishop Fox, “hundreds of thousands” of FortiGate firewalls have not been patched against a...more
This week, the California Superior Court ruled that the California Privacy Protection Agency (CPPA) cannot begin enforcement of the California Privacy Rights Act (CPRA) until March 2024. The ruling stems from a lawsuit filed...more
On May 17, 2023, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement with MedEvolve, Inc. for $350,000. MedEvolve provides practice and revenue cycle management and practice...more
5/19/2023
/ Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Violations ,
OCR ,
PHI ,
Settlement ,
Software
Globhe Drones, based in Sweden, provides a subscription model platform for businesses to access data from about 8,000 drone operators in 134 countries. Globhe’s drone data marketplace gathers aerial imagery and generates...more
Tennessee, Montana, Iowa, and Indiana have each recently passed a consumer privacy statute in recent weeks. These laws follow the same trend started by California’s Consumer Privacy Act by granting consumers the right to know...more
CYBERSECURITY -
FDD Suggests Space Systems be Designated as Critical Infrastructure -
The Foundation for Defense of Democracies (FDD) issued a Report late last week entitled Time to Designate Space Systems as Critical...more
Colorado is poised to become one of the first states to regulate how insurers can use big data and AI-powered predictive models to determine risk for underwriting. The Department of Insurance recently proposed new rules that...more
CYBERSECURITY FBI, CISA + MS-ISAC Warn of LockBit 3.0 Ransomware The FBI, CISA and the Multi-State Information Sharing and Analysis Center (MSISAC) recently released a joint cybersecurity advisory, warning organizations about...more
3/24/2023
/ Artificial Intelligence ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
FBI ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
TikTok ,
Vulnerability Assessments
The New York City Department of Consumer and Worker Protection will delay enforcement of Local Law 144, until April 15, 2023. The law requires companies operating in the City to audit automated employment decision tools for...more
3/24/2023
/ Artificial Intelligence ,
Bias ,
City of New York ,
Employer Liability Issues ,
Employment Discrimination ,
Hiring & Firing ,
Independent Audits ,
Job Applicants ,
Labor Reform ,
Local Ordinance ,
Popular
A recent study found that some data brokers are selling highly sensitive data relating to consumers’ mental health conditions on the open market with minimal vetting of their customers and few controls on how these purchasers...more
2/24/2023
/ Data Brokers ,
Data Security ,
Data Sellers ,
Electronic Protected Health Information (ePHI) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Mental Health ,
Mobile Apps ,
PHI ,
Popular ,
Privacy Policy
CYBERSECURITY -
World Economic Forum’s Global Cybersecurity Outlook for 2023 Is Bleak -
Sorry to be the bearer of bad news but remember that I am only the messenger. According to the World Economic Forum’s Global...more
2/9/2023
/ California Consumer Privacy Act (CCPA) ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Hackers ,
Information Technology ,
Popular ,
Social Engineering ,
Vulnerability Assessments
The Office of the California Attorney General recently announced that it will initiate an investigative sweep and will start sending letters to businesses about their mobile apps for failure to comply with the California...more
2/3/2023
/ California ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Information Governance ,
Mobile Apps ,
Regulatory Violations ,
State Attorneys General
CYBERSECURITY -
Chick-Fil-A Sued for Sharing Data through Meta Pixel -
While plaintiffs’ attorneys were initially focused late last year on suing health care entities for using Pixel and other tracking technology to share...more
1/27/2023
/ California Privacy Rights Act (CPRA) ,
Chick-Fil-A ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Protection ,
Data-Sharing ,
Fast-Food Industry ,
Popular ,
Scams ,
Statutory Violations ,
T-Mobile ,
Web Tracking
The California Privacy Protection Agency (CPPA) Board will hold its third public hearing on February 3, 2023, at 10 am PST.
The meeting will open with the Chairperson’s Update, during which CPPA Chairperson Jennifer...more
CYBERSECURITY -
235 Million Twitter User Email Addresses Posted on Hacking Forum -
Israeli cybersecurity firm Hudson Rock has reported that the email addresses of more than 235 million Twitter users have been stolen and...more
An Illinois appellate court has ruled that Apple’s biometric unlock features, including Touch ID fingerprint scanning and Face ID facial geometry scanning, do not violate the state’s Biometric Information Privacy Act (BIPA)....more
1/13/2023
/ Apple ,
Biometric Information ,
Biometric Information Privacy Act ,
Class Action ,
Data Collection ,
Data Privacy ,
Data Storage ,
Facial Recognition Technology ,
Fingerprints ,
Personal Data ,
Personally Identifiable Information ,
Smartphones
Readers of this blog know that we’ve been closely following the California Privacy Rights Act (CPRA) rulemaking process. California passed the law in 2020 to update the California Consumer Privacy Act of 2018 with additional...more
1/13/2023
/ California ,
California Privacy Protection Agency (CPPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Personal Information ,
Regulatory Agenda ,
Regulatory Oversight ,
Regulatory Requirements ,
State Privacy Laws
CYBERSECURITY -
LastPass Updates Disclosure of Security Incident -
There are pros and cons to using a password manager. The biggest pro is that it helps keep all of our passwords organized and safe. The biggest con is...more
1/9/2023
/ Artificial Intelligence ,
COPPA ,
Cybersecurity ,
Data Privacy ,
EPIC ,
Federal Trade Commission (FTC) ,
Influencers ,
Microchip Technology ,
Robotics ,
Scams ,
Securities and Exchange Commission (SEC) ,
Unfair or Deceptive Trade Practices
Epic Games $520 Million Settlement with FTC for Unfair Practices and COPPA Violations -
Recently, Epic Games, Inc. (Epic), maker of the popular Fortnite video game, settled allegations posed by the Federal Trade...more
Artificial intelligence (AI) development company, DoNotPay, developed an AI robot app, which will act as “The World’s First Robot Lawyer” by listening in on court proceedings via the defendant’s phone while the defendant...more
Since the California Privacy Protection Agency (CPPA) released its draft regulations pursuant to the California Privacy Rights Act (CPRA), the biggest gripe from businesses has been the website tracking opt-out requirements....more
12/9/2022
/ California ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Data Management ,
Data Privacy ,
Data Protection ,
Do Not Track ,
Information Governance ,
Opt-Outs ,
Regulatory Reform ,
Web Tracking
A 34-page class action was filed against Blackhawk Network for a data breach that occurred on MyPrepaidCenter.com in September of this year. The plaintiffs allege that Blackhawk Network’s failure to prevent or detect this...more
CYBERSECURITY -
South Dakota Governor Bans State Workers from Using TikTok -
It is estimated that some 80 million Americans and more than one billion people use TikTok. It is well known that TikTok has a direct...more
The holiday season is here again, and many university students will return in January sporting a brand new drone. Drones have come a long way from the unwieldy RC copters of the past, and modern drones can operate across...more
CYBERSECURITY -
Health Care Organizations Warned of Venus Ransomware -
The Health Care Sector Cybersecurity Coordination Center (IC3) recently released an Analyst’s Note to health care organizations providing information...more
11/23/2022
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Facebook ,
General Data Protection Regulation (GDPR) ,
Identity Theft ,
Instagram ,
Popular ,
Ransomware ,
Spyware ,
Vulnerability Assessments