States were busy updating their data breach notification statutes in 2016. With 2016 in the rear view, let’s take a look back at the legislative changes that will impact corporate incident response processes and what those...more
There is no doubt that companies face unprecedented volume and variation in both disruptive and intrusive cyberattacks on their networks. Among the different attack methodologies today, ransomware is quickly becoming a major...more
7/29/2016
/ Breach Notification Rule ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Malware ,
Notification Requirements ,
OCR ,
Personally Identifiable Information ,
PHI ,
Popular ,
Ransomware
This month, the Federal Communications Commission (FCC) will consider issuing a Notice of Proposed Rulemaking (NPRM) for privacy regulations that will apply to broadband providers. The goals and objectives of the proposed...more
As we head into the end of 2015, state legislators across the country continue to strengthen, update and, in some instances, broaden the scope of their respective state data breach notification laws. Specifically, many...more
10/1/2015
/ Bank Accounts ,
Breach Notification Rule ,
Credit Cards ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Breach Plans ,
Data Protection ,
Data Security ,
Debit Cards ,
Hackers ,
Passwords ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Legislation ,
Social Security Numbers
Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called “Phase 2 Audits” are set to commence...more
9/21/2015
/ Audits ,
Breach Notification Rule ,
Business Associates ,
Compliance ,
Corrective Actions ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HITECH Act ,
Incident Response Plans ,
OCR ,
Personally Identifiable Information ,
Privacy Policy ,
Privacy Rule ,
Risk Assessment ,
Security Rule
Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more
9/21/2015
/ Breach Notification Rule ,
Cloud Computing ,
Corrective Actions ,
Covered Entities ,
Cybersecurity ,
Data Breach ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HITECH Act ,
Hospitals ,
OCR ,
Personally Identifiable Information ,
PHI ,
Privacy Rule ,
Risk Assessment
April saw amendments to Washington State's and North Dakota's breach notification statutes.
In a prior Orrick Alert, we discussed some of the implications from the proposed data breach notification amendments in...more
On March 4, 2015, Washington State’s House of Representatives passed HB 1078, which would significantly tighten Washington’s current data breach notification requirements, currently codified at RCW 19.255.010. The bill has...more