The HHS Office of the National Coordinator for Health Information Technology (ONC) and the HHS Office for Civil Rights (OCR) released an updated Security Risk Assessment (SRA) Tool this week. All covered entities and business...
10/19/2018 / Business Associates, Covered Entities, Cybersecurity, Data Breach, Department of Health and Human Services (HHS), Duty to Update, Electronic Protected Health Information (ePHI), Health Care Providers, Health Insurance Portability and Accountability Act (HIPAA), OCR, ONC, Popular, Risk Mitigation, Security Risk Assessments
States continue to amend their Data Protection and Breach Notification Requirements. Maryland and Delaware are the most recent states to pass legislation designed to bring additional precision to an organization's...
Regardless of whether you have experienced any disruptions to date, you cannot ignore the major global cybersecurity attack that continues to plague organizations. A particularly destructive piece of malicious software, the...
On November 22, 2016, the University of Massachusetts Amherst (UMass) agreed to pay $650,000 and enter into a corrective action plan to settle allegations that it violated the HIPAA Privacy and Security Rules in connection...
Ransomware, a specialized form of malware used for extortion attempts, has been around the internet for more than a decade but now, because of a rash of recent attacks, has moved to the forefront as the most problematic cyber...
Hollywood Presbyterian Medical Center in Los Angeles recently paid a $17,000 ransom in bitcoins to a malware hacker who seized control of the hospital's computer systems and demanded money ransom as a condition to returning...
On December 18, 2015, President Obama signed the 2016 Consolidated Appropriations Act. Included in this must-pass federal funding legislation is the Cybersecurity Act of 2015, which represents the most significant federal...
On October 6, 2015, the Court of Justice of the European Union declared invalid the more than 15-year-old EU-U.S. Safe Harbor Framework. Thousands of U.S. businesses have complied with, and thus relied upon, the Safe Harbor...
10/8/2015 / Binding Corporate Rules, Cybersecurity, Data Protection Authority, Edward Snowden, EU Data Protection Laws, European Commission, European Court of Justice (ECJ), Facebook, Federal Trade Commission (FTC), International Data Transfers, Ireland, National Security, National Security Agency (NSA), Personal Data, Privacy Laws, Right to Privacy, Safe Harbors, Schrems I & Schrems II, US-EU Safe Harbor Framework
On December 18, 2014, President Barack Obama signed several significant cybersecurity bills into law. These bills include the Federal Information Security Modernization Act, the Border Patrol Agent Pay Reform Act, the...
As reported in the media, a serious vulnerability in the popular OpenSSL cryptographic software library, called the Heartbleed bug, was recently discovered. This vulnerability permits the theft of information, including...
On March 28, 2014, the HHS Office of the National Coordinator for Health Information Technology (ONC), in conjunction with the HHS Office for Civil Rights (OCR), released a Security Risk Assessment tool (SRA tool) to assist...