There are arguments that there is a dearth of guidance by both the Office for Civil Rights (OCR) and Federal Trade Commission (FTC), so when guidance comes out, we listen. But the most recent guidance jointly issued by the...more
11/4/2016
/ Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Disclosure Requirements ,
Electronic Medical Records ,
Federal Trade Commission (FTC) ,
FTC Act ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Authorization Forms ,
New Guidance ,
OCR ,
Personally Identifiable Information ,
PHI
A recent nationwide poll conducted by The Rad Campaign and Lincoln Park Strategies shows that although 96 percent of American social media users distrust the ability of social media platforms to protect their personal...more
The NTT Security Q3 Quarterly Threat Intelligence Report states that the healthcare industry is the fifth most targeted industry for ransomware (behind financial services, retail, manufacturing and technology) for all cyber...more
10/28/2016
/ Cyber Attacks ,
Data Breach ,
Electronic Medical Records ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach ,
Malware ,
PHI ,
Ransomware
The Federal Trade Commission (FTC) this week issued the publication, Data Breach Response: A Guide for Business, that outlines steps it recommends that businesses take when it believes it may have suffered a data breach....more
On Monday, October 24, 2016, the Department of Transportation’s National Highway Traffic Safety Administration (NHTSA) issued proposed cybersecurity guidance to the auto industry, including auto manufacturers and designers...more
Gov. Dannel P. Malloy recently appointed Democrat Arthur H. House the state’s first cybersecurity czar. House moves into the role after serving as the chairman of the Public Utilities Regulatory Authority for the past four...more
10/24/2016
/ Administrative Appointments ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Hackers ,
Natural Gas ,
Oil & Gas ,
Risk Management ,
Utilities Sector ,
Water Supplies
The Office for Civil Rights (OCR) has announced that it has entered into a settlement with St. Joseph Health, which operates hospitals and nursing homes in California, Texas and New Mexico, for $2.14 million for alleged HIPAA...more
There are a half a billion chip cards in the market right now. They have been touted to improve security and reduce credit card fraud. But do they?
According to a new report, both Visa and MasterCard have reported that...more
Because cyber risk presents a “unique concern” in the energy sector, the World Energy Council has issued a new report entitled “The Road to Resilience: Managing Cyber risks,” to its industry leaders....more
According to the Surgeon General of the United States, the personal information of current, former and retired employees of the United States Public Health Service Commissioned Corps and their dependents has been compromised....more
Last week, Brian Krebs reported that hackers using a malware dubbed “Marai” have identified hundreds of thousands of home and office devices that have weak security. Then the hackers released the malware publicly so anyone...more
Approximately 300,000 patients of Central Ohio Urology Group have been notified that their protected health information has been stolen and posted online.
Although the actual date of the hacking has not been released,...more
All enterprises are struggling with the security risks posed by the use of mobile devices by employees. Companies want their employees to have easy access to information so that they can perform their job functions in an...more
The National Institute of Standards and Technology (NIST) recently published a draft cybersecurity self-assessment tool entitled “The Baldrige Cybersecurity Excellence Builder,” which provides organizations with a tool to...more
We previously reported that 21st Century Oncology suffered a data breach in October 2015 involving an intrusion into its systems which compromised around 2 million patients’ records, including their names, Social Security...more
10/13/2016
/ Class Action ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Fair Credit Reporting Act (FCRA) ,
Hackers ,
Health Care Providers ,
Healthcare ,
Personally Identifiable Information ,
Popular ,
Unfair or Deceptive Trade Practices
The National Institute of Standards and Technology (NIST) recently published a new article that finds that most typical computer users experience security fatigue that leads users to engage in risky behavior when they are at...more
The Department of Justice (DOJ) yesterday announced that it has charged a Maryland man, Harold Thomas Martin III with theft of government property and unauthorized removal and retention of classified materials by a government...more
A federal judge in Illinois dismissed the class action lawsuit filed against Barnes & Noble stemming from a data breach in 2013. The breach occurred when credit and debit card PIN pads were compromised at 63 Barnes & Noble...more
10/10/2016
/ Barnes and Noble ,
Books ,
Class Action ,
Data Breach ,
Debit and Credit Card Transactions ,
Dismissals ,
Federal Rule 12(b)(6) ,
Fraudulent Charges ,
Identity Theft ,
Point of Sale Terminals ,
Popular ,
Retail Market ,
Retailers
We watch closely for any guidance to HIPAA covered entities and business associates from the Department of Health and Human Services Office for Civil Rights (HHS/OCR). Why? Because there is so little of it. Lately, the only...more
10/10/2016
/ Business Associates ,
Covered Entities ,
Cybersecurity ,
Data Protection ,
Department of Health and Human Services (HHS) ,
GAO ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
NIST ,
OCR
The New Jersey Spine Center was hit with a variant of CryptoWall ransomware on July 27, 2016 that encrypted its electronic health record and its backup files. A double whammy....more
10/7/2016
/ Cyber Attacks ,
Data Breach ,
Electronic Medical Records ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach ,
Malware ,
PHI ,
Ransomware
I never knew that since 2006, October has been designated as National Bullying Prevention Awareness Month. According to the Department of Health and Human Service’s website, “This year’s Bullying Prevention Awareness Month...more
It has been reported that the White House is investigating a hacking of the Gmail account of a contract worker who was working on the First Lady’s advance team responsible for logistics. The hacking included emails from...more
Trump International Hotels Management has agreed to pay the State of New York $50,000 for two data breaches that exposed over 70,000 customer credit card numbers and other personal information, according to New York Attorney...more
10/4/2016
/ Breach Notification Rule ,
Credit Cards ,
Data Breach ,
Hackers ,
Hospitality Industry ,
Hotels ,
Malware ,
Payment Systems ,
Personally Identifiable Information ,
Popular ,
Trump Administration
On September 21, 2016, the federal government, through the National Highway Transportation and Safety Administration (NHTSA), released “Federal Automated Vehicles Policy: Accelerating the Next Revolution in Roadway Safety,”...more
We previously reported that several U.S. Olympians’ medical records were posted online by the Russian hacking group Fancy Bear.
The World Anti-Doping Agency (WADA) has confirmed that the medical records of 25 more...more