Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Podcast: A Conversation with Andy Rotherham on Hot Topics in Education for 2023
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
Cyber Threats
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
[Podcast] NSA Cybersecurity Services for Defense Contractors
Understanding the Additional Risks When Making a Ransomware Payment
Get Me Off This Ride: Understanding the Emotional Rollercoaster After a Ransomware Attack - Unauthorized Access Podcast
HIPAA Tips With Williams Mullen - Bonus Episode
Welcome to our seventh 2024 issue of Decoded - our technology law insights e-newsletter. We have a few events we want to pass along to those interested in technology, but also other areas of law and business. ...more
The Current Status of Privacy Laws Across the United States - Unlike the General Data Protection Regulation (GDPR) in the European Union (EU), the United States does not have a nationwide comprehensive data privacy law....more
The year 2023 was a busy one for regulatory, compliance, and enforcement developments in the healthcare and life sciences industries, and 2024 promises to be even busier. We tapped MoFo’s Life Sciences + Healthcare Compliance...more
On December 6, 2023, HHS released a concept paper that outlines the Department’s cybersecurity strategy for the healthcare sector titled, “Healthcare Sector Cybersecurity Strategy.” HHS reports that cyber incidents in...more
News Briefs - Senate Committee Advances Bill on 'Ghost Providers,' PBMs - In a unanimous 26-0 vote, the Senate Finance Committee passed a comprehensive draft package that puts pharmacy benefit manager reform and mental health...more
On November 14, 2022, under contract with the United States Food and Drug Administration (FDA), the MITRE Corporation (MITRE), an organization that administers the National Cybersecurity Center of Excellence, a federally...more
Report on Patient Privacy 22, no. 9 (September, 2022) - More than 92% of patients believe privacy is a right and their health data should not be available for purchase, according to a survey from the American Medical...more
Universities Share Lessons Learned from Ransomware Attacks "According to a recent Sophos poll of IT professionals, 44 percent of educational institutions suffered ransomware attacks in 2020, and 58 percent of those hit...more
The PATCH Act: Protecting Medical Devices from Cyber Attacks - In a previous issue of Decoded, we discussed the alarming fact that many medical devices, including those implanted in patients' bodies, are leaving the...more
House Subcommittee Debates Device Remanufacturing Definition, Sends User-Fees Bill to Next Stage "Proponents of the remanufacturing bill are looking to better distinguish between medical device remanufacturing, and...more
Report on Medicare Compliance 31 no. 18 (May 16, 2022) - In a version of the future that hopefully never comes, malware is able to remove malignant-looking tumors from CT or MRI scans before they were reviewed by...more
Report on Patient Privacy 22, no. 1 (January, 2022) - As the COVID-19 pandemic enters its third year, real “security fatigue” with pandemic-related issues will combine with cybercriminals’ increasingly sophisticated...more
PA Health Dept Sued; Investigation Looms, After Contact Tracing Breach "The PA health dept. is being sued, after employees of its vendor Insight Global set up an unsecured channel to share COVID-19 contact tracing data,...more
The Department of Health and Human Services (HHS) has released a publication entitled the "Health Industry Cybersecurity Practices (HICP): Managing Threats and Protecting Patients." The HICP was prepared in response to the...more
• The U.S. Department of Health and Human Services on Dec. 28, 2018, announced the release of the "Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients" that provides a "Call to Action" to make...more
On December 28, 2018, the U.S. Department of Health and Human Services (“HHS”) closed out the year by releasing long-awaited voluntary cybersecurity guidelines for the health care industry. The four-volume publication,...more
We have previously reported on the ongoing cybersecurity issues with St. Jude defibrillators [view related posts here, here, and here]. On June 29, 2018, the Food and Drug Administration (FDA) classified the required firmware...more
Inogen, which manufactures portable oxygen devices, has alerted the Securities and Exchange Commission in a recent filing that it is notifying 30,000 individuals that their personal information was compromised when a hacker...more
Recently, the Health Care Industry Cybersecurity Task Force (the “Task Force”) issued its Report on Improving Cybersecurity in the Health Care Industry (the “Report”). The Task Force, which was created by Congress as part of...more
The fall-out from WannaCry continues, particularly in the healthcare sector. There are new reports that WannaCry affected at least two hospital systems in the U.S. and encrypted medical devices (power injector systems)...more
As a wave of devastating ransomware-based attacks spread across the globe last week, it became abundantly clear that the medical industry at large was ill-prepared for the threat despite years of warnings. The virus hit...more
New York’s Cybersecurity Requirements for DFS Licensees: A New Item at the Top of the To Do List - With a compliance date a few months away, licensees of the New York Department of Financial Services (DFS) must start...more
A few months ago, we analyzed ransomware incidents and offered some suggestions for handling an episode. Ransomware is a cyberattack in which a hacker uses malware to take control of computer systems. The system owner is...more