DHS and Cyber: What Should Companies Expect?
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more
Report on Patient Privacy 23, no. 12 (December, 2023) Northwell Health in New York and Cook County Health in Chicago each experienced impacts from a breach at Nevada-based transcription company Perry Johnson & Associates...more
Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more
In response to a constantly-evolving cyber threat landscape, the Biden Administration recently announced the launch of a new cybersecurity labeling program – the U.S. Cyber Trust Mark program – in an effort to enhance...more
It’s the call you hope you never get. Your company has been hit with a ransomware attack. Your systems are offline. Your customer data was stolen by an unknown threat actor who is threatening to leak it. You have lots of...more
Report on Patient Privacy 22, no. 2 (February, 2022) - Tensions between the U.S. and Russia could lead to a heightened risk of Russian state-sponsored cyberattacks on U.S. interests, including health care organizations,...more
Report on Patient Privacy 21, no. 12 (December, 2021) - Huntington Hospital in New York has sent notices to approximately 13,000 patients about an incident that happened in late 2018 and early 2019 involving a night shift...more
Happy Data Privacy Day! Since 2007, privacy professionals from across the globe have gathered together on January 28 to raise awareness about data privacy and security best practices and issues. ...more
As if 2020 hasn’t caused enough hardship and headaches for employers already, the FBI and U.S. Cybersecurity Infrastructure Security Agency (“CISA”) recently issued a joint Cybersecurity Advisory Alert warning employers about...more
Especially with their children now homebound, bored and seeking virtual social contact, many parents are particularly concerned about educating their children – preschool through high school — of the risks inherent in social...more
The Cybersecurity Information Sharing Act of 2015 (CISA) was intended to incentivize private entities to share threat intelligence information with the federal government (specifically the Department of Homeland Security),...more
While all companies should be concerned with their cybersecurity posture, companies in the aerospace, defense, and government services (ADG) industry are potentially subject to greater risks due to the industry's highly...more
Privacy Shield – An Early Reflection - EU law generally prohibits the transfer of personal data from the European Economic Area to the U.S., unless the transfer is made in accordance with an authorized data transfer...more
When President Obama signed into law the Cybersecurity Act of 2015, which was designed to facilitate information sharing on cybersecurity threats between the public and private sectors, proponents hailed it as “our best...more
Last week, the U.S. Department of Homeland Security (“DHS”) and the U.S. Department of Justice (“DOJ”) provided guidance on an open question in the Cybersecurity Information Sharing Act (“CISA”): What type of information may...more
On June 15, in response to feedback from non-federal entities on guidance released in February, the Departments of Homeland Security (DHS) and Justice (DOJ) issued updated guidance for companies about sharing cyber threat...more
Reacting to the influx of recent, high-profile data breaches and cybersecurity attacks in the government and the private sector, the U.S. Senate earlier this week passed the controversial Cybersecurity Information Security...more
While the U.S. House of Representatives has already adjourned for the month-long August recess, the U.S. Senate remains in session and could take up a measure to address cybersecurity information-sharing as one of its last...more
The heat of summer may be upon us, but in Congress and in many state legislatures the attitude toward passing major data breach legislation has considerably cooled. We predicted some months ago that 2015 might be the...more