At the close of 2024, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) issued a Notice of Proposed Rulemaking (the Proposed Rule) to amend the Security Rule regulations established...more
CYBERSECURITY -
CISA/FBI Advisory Warns of Destructive Malware Used Against Ukraine -
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint advisory this week alerting organizations of...more
3/4/2022
/ Artificial Intelligence ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
FBI ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Identity Theft ,
Information Blocking Rules ,
Malware ,
Passwords ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Russia ,
T-Mobile ,
Ukraine ,
Vulnerability Assessments
CYBERSECURITY -
White House Focused on Combating Ransomware -
Ransomware attacks are frequent and escalating as we speak. Double extortion scams are hitting companies at a dizzying pace, and catching companies, large...more
7/16/2021
/ Article III ,
Biden Administration ,
Canon ,
COPPA ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Federal Aviation Administration (FAA) ,
Hackers ,
Ransomware ,
Smart Devices ,
Standing ,
Telemarketing ,
Text Messages
On June 16, and then on July 6, 2021, Connecticut Governor Ned Lamont signed into law a pair of bills that together address privacy and cybersecurity in the state....more
CYBERSECURITY -
NYDFS -
Cybersecurity Certificate of Compliance Due April 15, 2021
The New York Department of Financial Services (DFS), which regulates certain covered entities and licensed persons in the financial...more
1/22/2021
/ Blockchain ,
California Consumer Privacy Act (CCPA) ,
CARES Act ,
Class Action ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Financial Services Industry ,
Hackers ,
HIPAA Breach ,
Malware ,
Marriott ,
NYDFS ,
Paycheck Protection Program (PPP) ,
Personal Data ,
Personally Identifiable Information ,
Russia ,
SolarWinds ,
Vaccinations
On November 20, 2020, the Department of Health & Human Services (HHS) released heavily anticipated final rules revising the regulatory exceptions to the Physician Self-Referral Law (also known as the Stark Law), the...more
Microsoft Issues Cybersecurity Risk Warning and Offers Help to Hospitals During COVID-19 Crisis -
On April 1, 2020, Microsoft issued a specific warning to health care entities alerting them that they are at particular risk...more
4/6/2020
/ Coronavirus/COVID-19 ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Microsoft ,
OCR ,
Popular ,
Telemarketing ,
Vulnerability Assessments
COVID-19 Vaccine Test Lab Hit by Maze Ransomware -
Despite the fact that the hackers behind Maze ransomware previously promised not to hit medical organizations during the coronavirus pandemic, the ransomware recently...more
3/31/2020
/ California Consumer Privacy Act (CCPA) ,
Coronavirus/COVID-19 ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Federal Aviation Administration (FAA) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Ransomware ,
Spam ,
Telecommuting ,
Telehealth
Researchers at Sentinel One and Dragos have detected malicious code, called EKANS or Snake, that has been designed specifically to target industrial control systems (ICS), including those of oil refineries, manufacturing...more
2/7/2020
/ China ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Drones ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Identity Theft ,
Infectious Diseases ,
Malware ,
Medical Records ,
OCR ,
Personally Identifiable Information ,
Point of Sale Terminals ,
Public Health ,
Retailers ,
Tax Fraud ,
Vulnerability Assessments
It is being reported that LifeLabs, a Canadian lab company that is the largest provider of laboratory diagnostics and lab testing services in Canada, recently paid an undisclosed ransom to hackers who compromised its computer...more
12/23/2019
/ Biometric Information ,
Clinical Laboratories ,
Connected Cars ,
Connected Items ,
Criminal Conspiracy ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Electronic Medical Records ,
Extradition ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Identity Theft ,
Information Technology ,
Malware ,
OCR ,
Personally Identifiable Information ,
PHI ,
Ransomware ,
Settlement
National Veterinary Associates (NVA), a large network of veterinary hospitals and clinics, has reportedly been the victim of a ransomware attack. According to the reports, NVA employs more than 2,600 veterinarians, with over...more
12/11/2019
/ Aviation Industry ,
Beneficiaries ,
Biometric Information ,
Bitcoin ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Medicare ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Restaurant Industry ,
Settlement Agreements ,
Virtual Currency
The Wolcott school system in Wolcott, Connecticut has been recovering for four months from a ransomware attack that hit its system at the end of the school year. Last week, it was hit with a second attack. According to...more
9/13/2019
/ Consumer Privacy Rights ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Debt Collectors ,
Digital Assets ,
Educational Institutions ,
Enforcement Actions ,
Financial Services Industry ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Medical Records ,
Municipalities ,
NIST ,
Personally Identifiable Information ,
Ransomware ,
TCPA
Vicious malware continues to be deployed by China-based attackers. A new strain of malware, dubbed “HiddenWasp,” which has the ability to remotely infect computers, has been discovered by a security researcher at Intezar. The...more
6/7/2019
/ California Consumer Privacy Act (CCPA) ,
China ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Exploitation ,
Extortion ,
FBI ,
Genetic Materials ,
Genetic Testing ,
Hackers ,
Information Technology ,
Malware ,
OIG ,
Online Safety for Children ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Quest Diagnostics ,
Vulnerable Victims
Although many thought that WannaCry was in the rear view mirror, a recent report by Artemis, based on client experience, found that health care organizations and manufacturing companies are still being hit with the ransomware...more
5/31/2019
/ Cyber Crimes ,
Cyber Insurance ,
Cybersecurity ,
Data Privacy ,
Enforcement Actions ,
Hackers ,
Health Care Providers ,
HIPAA Breach ,
Malware ,
Manufacturers ,
OCR ,
Personally Identifiable Information ,
Ransomware ,
Robocalling ,
Telemarketing
According to a recent survey of cybersecurity professionals by AT&T Cybersecurity entitled “Confidence: the perception and reality of cybersecurity threats,” phishing and cloud security threats are keeping them up at...more
5/3/2019
/ Best Practices ,
Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Drones ,
Federal Aviation Administration (FAA) ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Limitation of Liability Clause ,
Phishing Scams ,
Popular ,
Unmanned Aircraft Systems
According to Hiscox’s Third Cyber Readiness Report, which surveyed 5,400 firms in the U.S. and the E.U., cyber threats have “become the unavoidable cost of doing business today.” The Report notes that for the first time, “a...more
4/29/2019
/ Charitable Donations ,
Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Personally Identifiable Information ,
Popular ,
Scams ,
Vulnerability Assessments
Cybercriminals have launched a new campaign that not only requires the victim to pay a ransom to have their data decrypted, but when the victim is directed to a PayPal account to pay the ransom and get the decryption key to...more
1/21/2019
/ Biometric Information ,
California Consumer Privacy Act (CCPA) ,
Cell Phones ,
Commercial General Liability Policies ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data-Sharing ,
Drones ,
Geological Data ,
Hackers ,
HIPAA Breach ,
Personally Identifiable Information ,
Ransomware ,
Right to Privacy ,
Risk Management ,
Rulemaking Process ,
WISP
For data security buffs like me, the recent McAfee® Labs Threats Report, December 2018 is, or should be, a top pick on the list. Well, maybe not for the holiday reading list. We need to be careful not to bring up the results...more
12/27/2018
/ Article III ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Driverless Cars ,
Drones ,
Experian ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Technology ,
OCR ,
Public Health ,
Risk Management ,
Smart Devices ,
Standing ,
Transportation Industry ,
Vaccinations ,
Value-Based Care ,
Vulnerability Assessments
Many consumers are unaware that retailers use facial recognition technology in retail stores to monitor shoppers and prevent shoplifting. Consumers see cameras in retail stores and assume they are there to monitor for...more
10/15/2018
/ Americans with Disabilities Act (ADA) ,
COPPA ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Disability Discrimination ,
Driverless Cars ,
Drones ,
Enforcement Actions ,
EU-US Privacy Shield ,
Facial Recognition Technology ,
Federal Aviation Administration (FAA) ,
Federal Trade Commission (FTC) ,
OIG ,
Online Safety for Children ,
Personally Identifiable Information ,
Popular ,
Regulatory Standards ,
Title III ,
Trump Administration ,
Unmanned Aircraft Systems ,
Website Accessibility ,
Website Owner Liability ,
Websites
The Office of Inspector General (OIG) recently announced the creation of a cybersecurity team focused on combating threats within the Department of Health & Human Services (HHS), and within the health care industry. ...more
The State of California is once again leading the way with trying to keep up with technology and protecting consumers. Senate Bill 327 requires Internet of Things (IoT) developers to implement “reasonable security features”...more
10/1/2018
/ Biometric Information ,
Biometric Information Privacy Act ,
Blockchain ,
COPPA ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Protection ,
Drones ,
Fingerprints ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Hurricane Florence ,
Insurance Claims ,
Internet of Things ,
Online Safety for Children ,
Passwords ,
Popular ,
Property Damage ,
Settlement ,
State Farm ,
Uber
We have previously reported on the ongoing cybersecurity issues with St. Jude defibrillators [view related posts here, here, and here]. On June 29, 2018, the Food and Drug Administration (FDA) classified the required firmware...more
7/16/2018
/ Adidas ,
Computer Fraud and Abuse Act (CFAA) ,
Constitutional Challenges ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Drones ,
Emergency Management Plans ,
Emergency Response ,
EU-US Privacy Shield ,
Federal Aviation Administration (FAA) ,
Federal Trade Commission (FTC) ,
Food and Drug Administration (FDA) ,
Hackers ,
Healthcare ,
Healthcare Facilities ,
HIPAA Breach ,
Medical Devices ,
Mobile Apps ,
Popular ,
Ransomware ,
Regulatory Requirements ,
Regulatory Violations ,
St Jude Medical Center ,
Wildfires
Bezop Cryptocurrency Investors’ Personal Information Exposed -
Kromtech Security has reported that the sensitive personal information of more than 25,000 investors of Bezop cryptocurrency was exposed when a MongoDB...more
5/4/2018
/ Cryptocurrency ,
Cybersecurity ,
Data Breach ,
Digital Currency ,
Drones ,
Hackers ,
Health Care Providers ,
HIPAA Breach ,
Hospitality Industry ,
PHI ,
Smart Devices ,
Unmanned Aircraft Systems ,
Virtual Currency
On the heels of the ransomware that had the City of Atlanta scrambling last week, New York City Mayor Bill de Blasio announced the launch of “NYC Secure,” a free mobile app that will alert New York City residents of...more
4/10/2018
/ Blockchain ,
Cambridge Analytica ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Distributed Ledger Technology (DLT) ,
Drones ,
Electric Vehicles ,
Electronically Stored Information ,
Facebook ,
Legislative Agendas ,
New Legislation ,
Part 107 ,
Personal Data ,
Proposed Legislation ,
Ransomware ,
Social Media ,
State Data Breach Notification Statutes ,
Taxi Cabs ,
US v Microsoft
Power Company Fined for Contractor Copying Data to its Own Insecure Network -
Vendor management continues to be a problem for all industries, but some are scarier than others. The North American Electric Reliability Corp....more
3/30/2018
/ Asset Management ,
Cloud Storage ,
Cybersecurity ,
Data Breach ,
Driverless Cars ,
Drones ,
Electronically Stored Information ,
Energy Sector ,
Federal Aviation Administration (FAA) ,
FERC ,
Fraud ,
Identity Theft ,
Infrastructure ,
NERC ,
NIST ,
Part 107 ,
Popular ,
Social Security ,
State Data Breach Notification Statutes ,
Third-Party Service Provider ,
Unmanned Aircraft Systems ,
Utilities Sector ,
Vulnerability Assessments