The US Department of Health Human Services (HHS) is seeking public comments about the appropriate role of “recognized security practices” in enforcement of the HIPAA Security Rule. Congress, through an amendment to the HITECH...more
Connecticut’s new cybersecurity standards law, which goes into effect on October 1, 2021, protects companies from punitive damages in certain data breach actions where an organization has a cybersecurity program that conforms...more
10/1/2021
/ Affirmative Defenses ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Information Security Modernization Act (FISMA) ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
NIST ,
Popular ,
Safe Harbors ,
State Data Breach Notification Statutes
The decision to pay millions to a cyber criminal has never been easy, but it is now even more complex. The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) issued an updated advisory on September 21,...more
The National Institute of Standards and Technology (NIST) is seeking public comment as it prepares to update its Introductory Resource Guide on implementing the Health Insurance Portability and Accountability Act (HIPAA)...more
On April 14, the Department of Labor’s Employee Benefits Security Administration (EBSA) issued its first cybersecurity-focused guidance related to benefit plans regulated by Employee Retirement Income Security Act (ERISA)....more