Latest Publications

Share:

Some Cyber Monday Shopping Tips

As you enjoy the holiday weekend, and even some Cyber Monday shopping, keep in mind these online shopping tips from the FTC: ..Know the seller and the item. Put the company or product name in a search engine, along with...more

HHS Office for Civil Rights Issues Guidance on How HIPAA Allows Information Sharing to Address the Opioid Crisis

Following President Trump’s declaration of a nationwide public health emergency regarding the opioid crisis, the HHS Office for Civil Rights has released new guidance on when and how health care providers can share a...more

10/30/2017  /  Health Care Providers , HHS , HIPAA , OCR , Opioid

GRDP Update: WP29 Guidelines adopted for Data Protection Impact Assessment

The new GDPR is much more detailed than the 1995 Directive. The GDPR has 99 articles, versus 34 in the Directive. And a few new key concepts clearly require new guidance....more

JAMA: Cybersecurity Concerns and Medical Devices – Lessons from a Pacemaker Advisory

Interesting viewpoints from this Journal of the American Medical Association article on FDA’s August 2017 notice re: cyber security issues with certain pacemakers, including:... ...more

Schrems II Judgment Rendered

A 152 page judgment was rendered on October 3, 2017 by the Irish High Court in Schrems II: DPC v Facebook Final. Nor surprisingly, the court decided to refer the case to the Court of Justice of the European Union to make...more

The Massachusetts Attorney General’s Complaint Against Equifax

As most are aware, the Massachusetts Attorney General has won the race to the courthouse and been the first regulator to file suit against Equifax....more

Yes, You Were Likely a Victim of the Equifax Hack, But Here’s What You Can Do Now

As we previously said, the Equifax breach affects approximately 143 million Americans. While the hackers stole data that includes addresses, birth dates, full names and Social Security numbers, there are steps you can take...more

So They’ve Hacked Equifax…. Is Anyone Safe? And What Should You Do Now?

Me and 143 million of my closest friends may have had our personal information inappropriately accessed through a breach at Equifax–is there no safe haven anywhere? Deferring that question for another day, here are the...more

The Man Who Wrote Those Password Rules Has a New Tip: N3v$r M1^d!

Great article in the Wall Street Journal this week (paywall), on the history of passwords and password management. I did not know that the seeming obsession with passwords featuring a strange mixing of capital letters,...more

8/10/2017  /  Data Protection , NIST , Passwords

“If You Are Reading This, You Probably Weren’t Hacked Last Week” – So Now What?

First, the basic facts about the recent ransomware attack: ..US-CERT has received multiple reports of WannaCry ransomware infections in several countries around the world. ..Ransomware is a type of malicious software that...more

Google Docs Phishing (in real time, May 3, 2017, 4:30pm)

If you check your email this afternoon, you may see a message that someone you know is sharing something on Google Docs....more

Is Computer Security Broken?

The Economist certainly thinks computer security is broken (and it’s hard to argue the contrary). In its April 8 edition, The Economist’s cover story proclaims, “Why computers will never be safe.” While that’s good news for...more

Want to Know Why Memorial Healthcare Systems Is Paying HHS OCR $5.5 Million?

On February 16, 2017, HHS OCR announced that Memorial Healthcare Systems (MHS) had paid the U.S. Department of Health and Human Services (HHS) $5.5 million to settle potential violations of HIPAA’s Privacy and Security Rules...more

Additional Clarification regarding HHS OCR Phishing Email Alert

More information from HHS OCR about the phishing threat... ..On November 28, 2016, the HHS Office for Civil Rights issued a listserv announcement warning covered entities and their business associates about a phishing...more

HHS OCR Alert: Phishing Email Disguised as Official OCR Audit Communication

This alert just in from HHS OCR: “It has come to our attention that a phishing email is being circulated on mock HHS Departmental letterhead under the signature of OCR’s Director, Jocelyn Samuels. This email appears to...more

More on HIPAA Audits for 2016 and 2017–Desk Audits and On-Site Audits

As part of the ongoing HHS OCR HIPAA audit initiative, it is conducting “HIPAA desk audits.” These audits don’t involve auditors coming in your facility. Instead, covered entities are being asked to submit documents on...more

Sharing Consumer Health Information? Look to HIPAA and the FTC Act

Does your business collect and share consumer health information? Check out these tips from the FTC for complying with HIPAA and the FTC Act....more

Quick Thoughts About the Yahoo Breach

Another day, another 500 million Yahoo accounts reached. Our friends at the FTC are right on top of this with guidance for individuals with Yahoo accounts. First and foremost, change your Yahoo password....more

Bad News for HIPAA Business Associates: HHS OCR Announces $650,000 Settlement for BA Breach

Catholic Health Care Services of the Archdiocese of Philadelphia (“CHCS”), a HIPAA business associate, has agreed to pay the Department of Health and Human Services Office of Civil Rights (“OCR”) $650,000 in connection with a...more

Cybersecurity News and Notes – June 2016

In Case You Missed It: US and EU officials signed on to the so-called “Privacy Umbrella” deal last week. The agreement is designed to protect the personal data of EU citizens when it is transferred to the US for law...more

HHS OCR Launches Phase 2 of HIPAA Audit Program–So What?

You have seen all the hysterical headlines — “The HIPAA audits are coming, the HIPAA audits are coming….” But when you really think about it, what is the big deal? If you are a HIPAA covered entity, you surely know by now...more

Challenging the Conventional Wisdom on Mandatory Password Changes

Very interesting thought piece from the FTC’s Chief Technologist. Do mandatory password resets actually make us less secure? ...more

3/4/2016  /  Cybersecurity , FTC , Passwords

President Obama Signs the Judicial Redress Act (H.R.1428/S.1600)

As part of implementing the EU-US Privacy Shield, on February 24, 2016, President Obama signed the Judicial Redress Act (H.R.1428/S.1600). This law is designed to give EU citizens the right to sue the U.S. government for...more

In Cybersecurity, No Harm Does Not Necessarily Mean No Foul

How much does the question of harm matter in cybersecurity law? The answer is: It depends on who is bringing the claim. Businesses confronting data breaches can face litigation from private consumers as well as from...more

54 Results
/
View per page
Page: of 3

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.