No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
State AG Pulse | CT AG Reacts to Genetic Data Breach
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: State Privacy and Data Collection
The Federal Trade Commission’s (FTC) years-long effort to modernize its Health Breach Notification Rule (HBNR) in the midst of a swiftly changing technological landscape appears to be coming to an end. On Thursday, May 30,...more
On October 31, 2023, the Office for Civil Rights (OCR) issued a press release announcing that it has settled with Doctors’ Management Services for $100,000 following a ransomware attack that compromised the protected health...more
Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more
Data Breaches risk legal consequences—both from state and federal governments and consumers, as well as reputational harm. Last month, MCNA—a dental benefit provider—provided notice of a data breach that exposed the...more
Healthcare breaches, including ransomware attacks, continue to increase. As a result, many healthcare organizations seeking cyber coverage to help defray the costs associated with a ransomware attack or other data incident...more
According to the 2022 State of Ransomware Report issued recently by Sophos, it surveyed 5,600 IT professionals from 31 countries, including professionals in the health care sector. Those professionals in the health care...more
On September 15, 2021, the Federal Trade Commission (“FTC”) issued a Policy Statement instructing health app and connected device companies to comply with the Health Breach Notification Rule (“the Rule”). The Rule, codified...more
The California Attorney General ("AG") has issued guidance reminding health care providers of their duty to report health care data breaches and to comply with other state and federal data privacy laws....more
Report on Patient Privacy 20, no. 12 (December 10, 2020) - Suspected North Korean hackers have tried to break into the systems of British drugmaker AstraZeneca in recent weeks as the company races to deploy its COVID-19...more
Report on Patient Privacy 20, no. 11 (November 2020) - In her 14-plus years of investigating and blogging about hacking and breaches, “Dissent” has been yelled at, threatened with lawsuits and accused of being a criminal....more
Health care organizations continue to be a popular target for hackers. According to information from the U.S. Department of Health & Human Services (HHS), over 30 reports of data breaches have been filed by health care...more
Beginning in 2016, the computer hacking organization known as “The Dark Overlord,” began to target victims in the St. Louis, Missouri area, including various health care providers, several accounting firms, and a medical...more
The Office for Civil Rights (OCR) announced that it has fined the Texas Health and Human Services Commission (TXHHS) $1.6 million for HIPAA violations. This is one of the few fines the OCR has levied against a state agency....more
EU Court Allows Class Action to Proceed, Sets Precedent for Future Data Breach Class Actions - A class action brought against Google will be allowed to move forward after the plaintiff’s appeal was permitted, allowing him to...more
In accordance with the Inflation Adjustment Act, the Department of Health and Human Services (HHS) has updated its regulations to reflect required annual inflation-related increases to civil monetary penalties, including...more
July 2019 was the worst month in history for health care data breaches, with a total of 50 breaches that affected a total of more than 500 records reported to the Office for Civil Rights (OCR) according to HIPAA Journal. ...more
Ohio Attorney General Dave Yost recently announced a multistate settlement that will require health insurance company Premera Blue Cross to pay $10 million following a breach of protected health information (PHI). According...more
On August 12, Mahesh Nattanmai, New York’s Chief Health Information Officer, issued a notice letter (“the notice”) on behalf of the New York State Department of Health (“Department”) requiring healthcare providers to use a...more
• New York recently enacted the Stop Hacks and Improve Electronic Data Security (SHIELD) Act, which expands data breach notification requirements and imposes new data security obligations on businesses that own, license or,...more
Maine Bill Requires ISPs to Obtain Opt-In Consent from Customers - The Maine legislature has passed a bill that requires internet service providers (ISPs) operating in Maine to obtain express, affirmative consent from...more
Last week, Indiana based Medical Informatics Engineering, Inc. (MIE) agreed to pay $100,000 to the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR). MIE provides electronic health record and related...more
Taking affirmative steps to protect sensitive IT information from disclosure during litigation is critical prior to, during and after cybersecurity incidents. Counsel and IT professionals can apply recent commentary from the...more
Hotel chain Fillmore Hospitality, LLC is the latest target of a proposed class action complaint filed this week, alleging violation of the Illinois Biometric Information Privacy Act (BIPA). We don’t usually discuss the...more
According to a February 12, 2019 Press Release from Protenus, a developer of analytics for patient privacy monitoring and compliance, 15,085,302 patient records were breached in 2018 – a startling number made even more...more
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services recently announced that 2018 was a significant year in Health Insurance Portability and Accountability Act (HIPAA) enforcement activity. ...more