We have been watching all of the activity around the proposed amendments to the California Consumer Privacy Act (CCPA) to see where the law settles to assist with compliance....more
Vicious malware continues to be deployed by China-based attackers. A new strain of malware, dubbed “HiddenWasp,” which has the ability to remotely infect computers, has been discovered by a security researcher at Intezar....more
Another day in the healthc are industry, another big data breach.
This week, Quest Diagnostics announced in a security filing with the Securities and Exchange Commission, that a collection agency vendor that it uses for...more
Although many thought that WannaCry was in the rear view mirror, a recent report by Artemis, based on client experience, found that health care organizations and manufacturing companies are still being hit with the ransomware...more
5/31/2019
/ Cyber Crimes ,
Cyber Insurance ,
Cybersecurity ,
Data Privacy ,
Enforcement Actions ,
Hackers ,
Health Care Providers ,
HIPAA Breach ,
Malware ,
Manufacturers ,
OCR ,
Personally Identifiable Information ,
Ransomware ,
Robocalling ,
Telemarketing
Although many thought that WannaCry was in the rear view mirror, a recent report by Artemis, based on client experience, found that health care organizations and manufacturing companies are still being hit with the ransomware...more
One of the first questions we ask our clients when they call about a security incident is whether they have insurance that may cover the costs associated with investigating the incident, potential forensic analysis, and...more
Like many of you, I don’t answer my cell phone unless the number pops up as someone I know, because a majority of the calls I get are spam or robocalls. It’s so frustrating....more
The North American Securities Administrators Association (NASAA) this week approved an information security model rule package aimed at improving the cybersecurity posture of the 17,543 state-registered advisers.
...more
5/24/2019
/ Contract Drafting ,
Cryptocurrency ,
Cybersecurity ,
Data Privacy ,
Electronic Protected Health Information (ePHI) ,
FinCEN ,
Hackers ,
Investment Adviser ,
Mobile Apps ,
Model Rules ,
Money Laundering ,
Money Services Business ,
NASAA ,
Phishing Scams ,
Popular ,
Securities Regulation ,
Virtual Currency ,
WhatsApp
In the top three of the list of highly sensitive personal data to be concerned about is our medical information. It’s so sensitive because it is so personal. It used to be that our medical information was located in paper...more
5/24/2019
/ 23andMe ,
Business Associates ,
Covered Entities ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Genetic Testing ,
Health Information Technologies ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Medical Records ,
OCR ,
Personal Data ,
Risk Management
The North American Securities Administrators Association (NASAA) this week approved an information security model rule package aimed at improving the cybersecurity posture of the 17,543 state-registered advisers....more
It is not unusual for lawyers to send emails to individuals and businesses they are about to sue to engage them before they do file suit to see if a settlement can be discussed or reached. ...more
We have been involved in several situations lately with security incidents where we ask our clients for the final executed contract with the vendor that we believe caused the incident, but the contract that we receive has not...more
According to a recent FBI Flash, Ryuk ransomware has hit more than 100 U.S. companies since August 2018, with a “disproportionate impact on logistics companies, technology companies, and small municipalities.”
...more
In the Privacy Law classes I teach in the Brown University Executive Masters of Cybersecurity and at Roger Williams University School of Law, we discuss the enforcement authority that the Federal Trade Commission (FTC), the...more
According to a recent FBI Flash, Ryuk ransomware has hit more than 100 U.S. companies since August 2018, with a “disproportionate impact on logistics companies, technology companies, and small municipalities.”...more
5/20/2019
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
FBI ,
Hackers ,
Malware ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Risk Management
These days, pretty much everyone is aware of potential security incidents and the risks involved with Internet of Things (IoT) devices because security was not built into the device during the manufacturing process, but there...more
Hotel chain Fillmore Hospitality, LLC is the latest target of a proposed class action complaint filed this week, alleging violation of the Illinois Biometric Information Privacy Act (BIPA). We don’t usually discuss the...more
5/13/2019
/ Biometric Information ,
Class Action ,
Contract Management ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Dating Services ,
Drones ,
Federal Aviation Administration (FAA) ,
HIPAA Breach ,
Mobile Apps ,
Organ Donation ,
Popular ,
Ransomware ,
Supply Chain ,
Unmanned Aircraft Systems ,
Vendors
Another city, another ransomware attack. Cities and municipalities continue to be targeted with ransomware campaigns. Fortunately, in this case, essential services such as fire, police, Emergency Medical Services and 311...more
As someone who has been married a long time (longer than the Internet has existed), I never experienced the online dating scene. Everyone has their own opinion on the topic, and without getting into the merits of online...more
We continue to see clients hit with notifications from vendors about security incidents caused by either the vendor or the vendor’s downward supply chain....more
Hotel chain Fillmore Hospitality, LLC is the latest target of a proposed class action complaint filed this week, alleging violation of the Illinois Biometric Information Privacy Act (BIPA)....more
5/10/2019
/ Biometric Information ,
Biometric Information Privacy Act ,
Class Action ,
Data Collection ,
Data Management ,
Employee Privacy Rights ,
Employer Liability Issues ,
Fingerprints ,
Hospitality Industry ,
Injunctive Relief ,
Statutory Damages ,
Timekeeping ,
Wage and Hour ,
Written Consent
I continuously confront vendors who say I am “the only” lawyer who objects to limitation of liability provisions that attempt to limit the liability of a security incident to the amount of the contract....more
According to a recent survey of cybersecurity professionals by AT&T Cybersecurity entitled “Confidence: the perception and reality of cybersecurity threats,” phishing and cloud security threats are keeping them up at night....more
I attended a meeting of cybersecurity professionals recently and overheard several of them talking about their new security cameras and how great it is to see everyone who comes up the driveway and to the front door, and...more
According to a recent survey of cybersecurity professionals by AT&T Cybersecurity entitled “Confidence: the perception and reality of cybersecurity threats,” phishing and cloud security threats are keeping them up at...more
5/3/2019
/ Best Practices ,
Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Drones ,
Federal Aviation Administration (FAA) ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Limitation of Liability Clause ,
Phishing Scams ,
Popular ,
Unmanned Aircraft Systems