The major current cybersecurity story involves a popular SolarWinds network managing software package, Orion. A sophisticated actor, with the signatures of a nation state, infiltrated Orion in a software update. Once inside,...more
2020 was a year like no other. From an unprecedented “work from home” shift to a blockbuster European court ruling to a mammoth cyber attack, businesses scrambled to adapt to an endless series of cyber challenges. 2021 shows...more
1/20/2021
/ Biden Administration ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
Popular
The New York Department of Financial Services (NYDFS) has launched its first enforcement action under New York’s Cybersecurity law for financial services, so-called Part 500. Part 500 requires NYDFS licensed institutions to...more
9/23/2020
/ Banking Sector ,
Chief Information Security Officer (CISO) ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Financial Institutions ,
Financial Services Industry ,
Information Technology ,
Insurance Industry ,
NYDFS ,
Personally Identifiable Information ,
Popular ,
Risk Assessment ,
Risk Management
Employers are responding to COVID-19 by allowing, and even mandating remote working. Companies ranging from Amazon, Microsoft, and Google to local design shops have asked employees to work from home. While increasingly common...more
Last week, Indiana based Medical Informatics Engineering, Inc. (MIE) agreed to pay $100,000 to the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR). MIE provides electronic health record and related...more
6/6/2019
/ Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach ,
OCR ,
PHI ,
Popular ,
Settlement ,
State Attorneys General
Blockchain technology combines several features of existing financial infrastructure. It is partly a mass repository of historical transactions, partly a decentralized clearinghouse, and partly a digital currency. It is also...more
The United States has traditionally taken a libertarian approach to data privacy: “what is not forbidden is permitted.” Outside sensitive sectors such as health (HIPAA) and finance (GLBA), the United States was historically...more
12/20/2016
/ Corporate Counsel ,
Data Privacy ,
Data Protection Authority ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
International Data Transfers ,
Internet Service Providers (ISPs) ,
National Security ,
Popular ,
Safe Harbors ,
Schrems I & Schrems II
A few months ago, we analyzed ransomware incidents and offered some suggestions for handling an episode. Ransomware is a cyberattack in which a hacker uses malware to take control of computer systems. The system owner is...more
J. K. Rowling’s world of Harry Potter included an array of amazing artifacts; our personal favorites were the books and pictures that changed themselves. Two decades later, a world of Kindles and iPads echoes the wonders of...more
In 2013, hackers attacked a venerable Swansea, Massachusetts institution via ransomware. Ransomware is software that locks users out of computers or specific files until the victim pays a “fee” to release the lock. Such...more
In recent weeks, hundreds of businesses around the country have been hit by an email “phishing” scam that is both brilliant in its exploitation of workplace power dynamics and potentially devastating in its effects. This...more