News & Analysis as of

Breach Notification Rule Cyber Attacks

McCarter & English, LLP

Season of Enforcement: OCR Announces Its Sixth Enforcement Action of 2025

With 2025 barely three weeks old, the US Department of Health and Human Services Office for Civil Rights (OCR) has already announced six enforcement actions for the new year. Particularly significant is the advancement of...more

Foley & Lardner LLP

OCR Says HIPAA Audits Will Resume: OIG Makes Recommendations for Enhancement

Foley & Lardner LLP on

Recognizing the increasing number of successful cyberattacks targeting health care organizations and their valuable patient data, the Office of the Inspector General (OIG) is calling for enhancements to the HIPAA audit...more

Wilson Sonsini Goodrich & Rosati

New EU Cybersecurity Obligations for Connected Devices: What You Need to Know

On October 10, 2024, the European Union officially adopted the Cyber Resilience Act (CRA), which introduces cybersecurity obligations for internet-connected hardware and software products offered in the EU (such as...more

Health Care Compliance Association (HCCA)

Privacy Briefs: September 2024

The HHS Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying 946,801 people whose protected health information or other personally identifiable information...more

Epiq

Cyber Incidents on the Rise: Tips for Effective Data Breach Notification

Epiq on

Cyber incidents have been growing at an exponential rate in recent years. A recent report from the Identity Theft Resource Center found that there were over one billion data breach victims in Q2 of 2024, which is around five...more

Troutman Pepper Locke

Notifying Law Enforcement of Security Incidents - Dear Mary – Incidents + Investigations Cybersecurity Advice Column

Troutman Pepper Locke on

“Dear Mary” is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related — data breaches, forensic investigations, how to...more

Fox Rothschild LLP

Navigating the CDK Global Ransomware Attack: Practical Guidance for Auto Dealerships

Fox Rothschild LLP on

CDK Global, a key provider of cloud-based software for auto dealerships, suffered a severe ransomware attack this week, disrupting operations for thousands of dealerships across North America. The attack has crippled vital...more

ArentFox Schiff

Providers Face HIPAA Compliance Questions After Change Healthcare Cyberattack

ArentFox Schiff on

Who will notify the potentially millions of individuals whose information might have been jeopardized by the massive cyberattack on Change Healthcare? Since the affiliate of UnitedHealth Group (UHG) first reported the...more

Spilman Thomas & Battle, PLLC

The Health Record - Healthcare Law Insights, Issue 1, May 2024

Welcome to our inaugural issue of The Health Record - our healthcare law insights e-newsletter! As such, we wanted to pull together our insights and pass them along to you. Our goal is to create a publication that is...more

Spilman Thomas & Battle, PLLC

Decoded Technology Law Insights, V 5, Issue 4, May 2024

MIT Report Details New Cybersecurity Risks - “Cloud misconfigurations, more sophisticated ransomware, and vendor exploitation attacks are contributing to rising cyberattacks.” Why this is important: Worldwide spending...more

Health Care Compliance Association (HCCA)

UHG’s Breach Response May Prove Enlightening for Others

Organizations typically deal with ransomware attacks out of the public eye, but the massive scale of United Healthcare Group’s (UHG) February breach made that an impossibility. UHG CEO Andrew Witty was recently on the hot...more

ArentFox Schiff

Key Takeaways from OCR’s CY22 HIPAA Reports to Congress

ArentFox Schiff on

On February 14, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued its annual reports to Congress detailing its actions to enforce the privacy, security, and breach notification...more

Kohrman Jackson & Krantz LLP

You’ve Been Hacked. Who You Gonna Call?

Your company was hacked. You feel panic, embarrassment, anger, fear and confusion. But you must act quickly, logically and decisively to stop the bleeding and protect your business, your customers and your employees. The good...more

Alston & Bird

The Digital Download – Alston & Bird’s Privacy & Data Security Newsletter – November 2023

Alston & Bird on

Publications and Advisories - November 13, 2023 – Kathleen Benway, Kate Hanniford, Amy Mushahwar, Kim Peretti, and Lance Taubin published “Privacy, Cyber & Data Strategy Advisory: FTC Approved New Data Breach Notification...more

White & Case LLP

The SEC’s Charges Against SolarWinds and its Chief Information Security Officer Provide Important Cybersecurity Lessons for Public...

White & Case LLP on

On October 30, 2023, the US Securities and Exchange Commission ("SEC") announced that it filed charges against SolarWinds Corp. ("SolarWinds" or the "Company") and its Chief Information Security Officer ("CISO") in connection...more

Jackson Lewis P.C.

Importance of Protecting Employee Information as Privacy and Cybersecurity Laws Proliferate

Jackson Lewis P.C. on

Most human resources professionals are concerned about the privacy and security of the vast amounts of personal information they manage. This article discusses steps to consider taking against the challenges. Deluge of...more

Health Care Compliance Association (HCCA)

Privacy Briefs: June 2023

Privacy Briefs: June 2023 - Long-term care pharmacy network PharMerica disclosed a breach involving more than 5.8 million patients, making it the largest breach reported to the HHS Office for Civil Rights (OCR) in the last...more

Rothwell, Figg, Ernst & Manbeck, P.C.

Learning From Data Breach Cases To Reduce Legal Risk

The average cost of a data breach is on the rise. According to the 2022 ForgeRock Consumer Identity Breach Report, the average cost in 2021 of recovering from a data breach in the U.S. is $9.5 million — an increase of 16%...more

Perkins Coie

2022 Breach Notification Law Update: State and Federal Requirements Continue To Evolve

Perkins Coie on

Cyberattacks continue to plague businesses, making the fallout of data breach notification and response as critical as ever. This year, like 2021, has been relatively quiet as it relates to state updates to breach...more

Jackson Lewis P.C.

Healthcare Companies Seek to Manage Risk of Ransomware Attacks, According to Report

Jackson Lewis P.C. on

Healthcare companies continue to face increased risks of ransomware attacks on their operations. According to the recently released BD Cybersecurity Annual Report for 2021, such attacks are also increasingly sophisticated....more

Lowenstein Sandler LLP

Subrogation Actions Following Ransomware Claims: What Policyholders Should Expect in the Ever-Changing Cyber Insurance Market

Ransomware attacks continue to challenge U.S. companies, with cybercriminals now routinely extorting companies for multimillion-dollar payouts. A company that experiences an attack will likely seek coverage under its cyber...more

Jackson Lewis P.C.

The RIPTA Data Breach May Provide Valuable Lessons About Data Collection and Retention

Jackson Lewis P.C. on

Efforts to secure systems and data from a cyberattack often focus on measures such as multifactor authentication (MFA), endpoint monitoring solutions, antivirus protections, and role-based access management controls, and for...more

Wyrick Robbins Yates & Ponton LLP

App-etite for Notification: FTC Says “Welcome to the Jungle” to Mobile Health App Developers in Policy Statement on Health Breach...

Last week’s news that the Federal Trade Commission is taking steps to begin rulemaking on consumer privacy and artificial intelligence drew plenty of attention from privacy professionals, and suggests 2022 could be an...more

Jackson Lewis P.C.

Responding to the Kronos Cyber Attack – What Should Employers Be Thinking About?

Jackson Lewis P.C. on

According to reports, Kronos, the cloud-based, HR management service provider, suffered a data incident involving ransomware affecting its information systems. Kronos communicated that it discovered the incident late on...more

Burr & Forman

Data Breach Notification Laws in the United States: What is Required and How is that Determined?

Burr & Forman on

Has your business considered what obligations you would have to notify people in the event of a cyber-attack that compromises some or all of your IT systems? Have you cataloged all the data you collect and where it is stored...more

91 Results
 / 
View per page
Page: of 4

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide