Latest Posts › Data Security

Share:

DOJ Final Rule Applies to Anonymized, Pseudonymized, and De-Identified Data: What Data Licensors Need to Know

What's Changed? The U.S. Department of Justice (DOJ) published a Data Security Program (DSP), pursuant to a final rule (Final Rule), which became effective on April 8, 2025....more

DOJ Issues Additional Guidance and Clarification on the Bulk Data Transfer Rule: What U.S. Businesses Need to Know

On April 11, 2025, the Department of Justice's National Security Division (NSD) issued additional guidance to assist U.S. organizations in understanding and complying with the Data Security Program (DSP). As discussed in our...more

Proposed HIPAA Security Rule Updates

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) issued a Notice of Proposed Rulemaking (NPRM) on December 27, 2024, to update the Health Insurance Portability and Accountability Act...more

MOVEit Transfer Zero-Day Vulnerability: What Companies Need to Know

On May 31, 2023, renowned managed file transfer solution provider Ipswitch, Inc. revealed a zero-day vulnerability in its flagship solution, MOVEit Transfer, that can enable mass data theft from thousands of organizations....more

The LastPass Lesson: Why Your Company Needs to Care About Password Manager Breaches

In August 2022, LastPass – one of the largest password managers in the world – suffered a cyber breach resulting in the theft of thousands of password vaults of both individual and corporate users. Password managers are an...more

Privacy in 2023: Management and Officer Liability for Privacy and Data Security Programs

If your management team and board of directors are not talking often about cyber liability and risk management, they will be soon. As a matter of both corporate and individual liability, recent enforcement makes it clear...more

Software Developers With Federal Government Customers Must Provide Confirmation of NIST Standards

In mid-September, the Office of Management and Budget (OMB) released a memorandum requiring federal agencies to obtain attestation from software developers before running third-party software on government networks. Under...more

Cyber Criminals Now Have the Keys to Your "House"

On Tuesday, December 8 one of the nation's leading cyber defense vendors (FireEye) announced it suffered a recent cyber-attack from a "highly sophisticated threat actor, one whose discipline, operational security lead us to...more

Don't Forget About Cyber Hygiene During Coronavirus (COVID-19) Outbreak

As organizations prepare for certain contingency work arrangements in response to the coronavirus (COVID-19) outbreak, companies must also focus attention on ensuring appropriate cyber hygiene. ...more

Data Privacy Day 2020 – What Actions Businesses Can Take

Happy Data Privacy Day! Today, January 28, is a day to raise awareness, foster dialogue, and empower companies to act to ensure proper privacy (and security) of all types of data and information....more

Privacy & Cybersecurity Due Diligence – No Longer Optional: Company Fined $124 Million for Pre-Merger Compromise

In early July, a global hospitality company announced in a U.S. Securities and Exchange Commission (SEC) filing that it had been fined more than $124 million (more than £99 million) by the United Kingdom's Information...more

CMS Clarifies Text Messaging Prohibition

After a confusing month of contradicting guidance, the Centers for Medicare & Medicaid Services (CMS) issued a memorandum clarifying its position regarding the use of text messaging with patient information between providers....more

Maryland and Delaware to Roll Out Changes to Data Breach Laws in 2018

States continue to amend their Data Protection and Breach Notification Requirements. Maryland and Delaware are the most recent states to pass legislation designed to bring additional precision to an organization's...more

HIPAA Settlement Regarding Use of Internet Applications

On July 10, 2015, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced a settlement agreement with St. Elizabeth's Medical Center (SEMC) in Brighton, Massachusetts, regarding potential...more

14 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide