Latest Publications

Share:

Girl Scouts Issue Cybersecurity Badges for Girls in K-12

If you have a daughter in K-12 who is in the Girl Scouts, check out the fact that they can now earn cybersecurity badges if they demonstrate a mastery of Internet security. Brilliant! What a great way to get girls interested...more

Privacy Tip #93 – Electronic Frontier Foundation Privacy Badger

I am from Wisconsin, so I am a Badger fan. Actually a double Badger fan, as I am a big fan of the Electronic Frontier Foundation’s (EFF) Privacy Badger. According to the EFF’s website, Privacy Badger “is a browser...more

1 Million Individuals’ Personal Data on Backup Drive is Stolen from Washington State University

File this story in the category of even locking data up in a safe is not secure. Washington State University (WSU) has begun to notify approximately 1 million individuals that their personal data was compromised when a...more

Medicaid Documents Thrown in Dumpster

The North Dakota Department of Human Services has admitted that one of its employees threw Medicaid claim resolution worksheets into a dumpster instead of disposing them in a secure onsite shredding receptacle. The result?...more

Reader’s Digest Publisher Settles Case Alleging it Sold Subscribers’ Personal Information for $8.2M

In what is being considered the largest-ever settlement of alleged violations of Michigan’s privacy law (the Michigan Preservation of Personal Privacy Act), the publisher of Reader’s Digest has agreed to pay out $8.2 million...more

Companies Using IoT Being Hit with Security Breaches

A new survey released by Altman Vilandrie & Company, which surveyed 400 IT personnel who have purchased Internet of Things (IoT) security products, shows that 46 percent of companies that buy IoT security admitted they have...more

OCR Issues Checklist for Responding to Cyber-Attack

The Office for Civil Rights (OCR) recently released guidance entitled “My Entity Just Experienced a Cyber-attack! What Do We Do Now?” The Checklist is a practical tool for health care entities and outlines several steps to...more

Privacy Tip #92 – Finally, HHS is Removing SSNs From Medicare Cards

For those of you who know me, you know that I have been very frustrated with the federal and state governments for continuing to use Social Security numbers for eligibility, enrollment and participating in Medicare and...more

AICPA Releases Cybersecurity Risk Management Reporting Fact Sheet for CPAs Without a Key Recommendation

The American Institute of CPAs (AICPA), has released a risk management reporting framework that is intended to “establish a common, underlying language for Cybersecurity risk management reporting—almost akin to US GAAP or...more

HHS Releases Health Care Industry Cybersecurity Task Force Report

Last week, the Department of Health and Human Services (HHS) issued its “Report on Improving Cybersecurity in the Health Care Industry,” which is the culmination of a year-long effort on behalf of the Cybersecurity Task...more

OneLogin Suffers and Notifies Customers of very Sophisticated and Scary Intrusion

San Francisco based OneLogin, which provides single sign on and identity management services for companies and app vendors, recently notified its users that it has discovered an unauthorized access to its data....more

“Fireball” Malware a Threat to Health Care Industry

A new report released by Check Point has security personnel working in the health care industry particularly concerned and they are warning their colleagues about the existence of “Fireball.”...more

OCR Issues Reminder on Security Incidents

Following the frequent and varied ransomware attacks on health care entities over the past few years, the Office for Civil Rights (OCR) published guidance last summer to the health care industry reminding it that a ransomware...more

Data Privacy + Cybersecurity Insider - June 2017

The American Institute of CPAs (AICPA), has released a risk management reporting framework intended to "establish a common, underlying language for Cybersecurity risk management reporting — almost akin to US GAAP or IFRS...more

2,500 Mothers’ and Newborns’ Personal and Health Information Lost in the Mail

The Arizona Department of Health Services (ADHS) has notified 2,500 patients that their personal and health information has been lost in the mail. The affected patients were mothers and newborns enrolled in the newborn...more

Privacy Tip #91 – Teen App Wishbone Compromised—Female Teenagers at Risk

Social networking app Wishbone, which is used primarily by teenage girls to vote on various teenage type quizzes, like favorite entertainers or fashion, has been hacked....more

New Study Shows Inaccuracies of Wearable Fitness Trackers for Calories Burned

Researchers at Stanford University have released a study concluding that wearable fitness trackers provide inaccurate measurements when it comes to providing information to users on how many calories have been burned....more

Pacemakers at Risk for Remote Tampering

A new study by WhiteScope concludes that pacemakers from four manufacturers contain security weaknesses that expose them to remote tampering. Pacemakers run on radio frequency and health care providers can adjust them to...more

Post-WannaCry—US-CERT Warns of Samba Security Flaw

Following the massive WannaCry event, the mantra among security folks is push patches to vulnerabilities as soon as they are released. US-CERT issued a warning late last week that there is a newly discovered flaw,...more

Privacy Tip #90 – Payment Card Breaches - Both Sides of the Story

We hear daily about another payment card breach at a retail store, restaurant chain or hotel line. The response to a payment card breach differs from company to company. I get a lot of questions about payment card breaches...more

Gather App Hit with TCPA Class Action Suit

Gather, a free app designed to allow users to create event invitations and send them to their contacts has been hit with a proposed TCPA class action suit. The named plaintiff alleges that Gather tricks users into giving...more

Target Settles with 47 AGs and DC for $18.5 Million

The 2013 hack that caused one of the largest breaches in U.S. retail history continues to be a headache for Target Corp. Following the breach just before the holidays in 2013, Target was hit with consumer class action suits,...more

FAA Drone Registration Rule Doesn’t Apply to Model Aircraft

The D.C. Circuit ruled late last week that the Federal Aviation Administration (FAA) Drone Registration Rule does not apply to model aircraft. The court held that the FAA does not have authority to regulate model aircraft...more

Protection of Vendor Report and Documents as Work Product is Big Win for Experian

When assisting clients with emergency data breach response, and preparing and implementing a data privacy and security plan, it often becomes efficient, cost effective and necessary to hire outside vendors to assist with...more

Rite Aid’s Online Store Breached

Rite Aid has admitted that its online eCommerce platform was accessed by unauthorized individual(s) from January 30, 2017, through April 11, 2017, and their customers’ names, addresses and payment card information, including...more

689 Results
/
View per page
Page: of 28

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.