What We’re Reading - August 6, 2021

Mintz - Privacy & Cybersecurity Viewpoints

Mintz - Privacy & Cybersecurity Viewpoints

There is a glut of information out there regarding privacy and cybersecurity these days.  Our new feature “What We’re Reading” provides a curated list of articles, blogs, newsletters, and books that you may find interesting and helpful.

  • For healthcare providers and other HIPAA-covered entities:  News stories and Health and Human Services Office for Civil Rights (OCR) investigations abound of hackers infiltrating information systems, workforce members impermissibly accessing patients’ health information, and electronic PHI (ePHI) being left on unsecured servers.   The Summer 2021 OCR Newsletter is required reading discussing the importance (indeed, the HIPAA Security Rule requirements….) of Information Access Management and Access Control. 
  • We often discuss data retention/destruction programs with clients, and in this age of Big Data, the answer to the initial question --   how long do you retain data when you no longer actively use it? – is many times “forever.”   Recital 39 of the GDPR and the upcoming California Privacy Rights Act (CPRA) both impose limits on data retention.  In fact, by January 2023, the CPRA will affirmatively prohibit businesses from hanging on to personal information for “each disclosed purpose for which the personal information was collected for longer than is reasonably necessary for that disclosed purpose.”     Another perspective on data “hoarding”  may ring true with business stakeholders – Paul Gillin writes in Computerworld that the consequences go beyond “compliance.”
  • Ransomware – (1) NIST has published draft guidance for organizations concerning ransomware attacks.   The Ransomware Profile can help any organization seeking to implement a risk management framework that deals with ransomware threats….and every organization should be working on that.  (2) The Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security has launched StopRansomware.gov, an interagency resource that providers information regarding ransomware protection, detection, and response guidance in a single website.  It includes ransomware alerts, reports, and resources from CISA, the FBI, and other federal partners in a whole-of-government approach.

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Mintz - Privacy & Cybersecurity Viewpoints | Attorney Advertising

Written by:

Mintz - Privacy & Cybersecurity Viewpoints

Mintz - Privacy & Cybersecurity Viewpoints on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.