Data Privacy & Cybersecurity PracticeOn March 30, 2020, the FBI announced that it has received multiple reports of video-teleconferencing (VTC) hijacking attacks in recent weeks. The attacks target the VTC platform Zoom and involve unidentified individuals joining online meetings and disrupting them with pornographic and/or hate images and speech. This type of attack is being referred to as “Zoom-bombing.”
Read more »Data Privacy & Cybersecurity
-
How to Protect Yourself from Zoom-Hijacking Posted on: April 09, 2020 In: Data Privacy & Cybersecurity
-
Legislative Alert: Virginia Expands Insurance Data Security Requirements Posted on: March 31, 2020 In: Data Privacy & CybersecurityOn February 25, 2020, the Virginia State Legislature passed House Bill 1334, the Insurance Data Security Act, which establishes data security requirements applicable to persons licensed by the insurance laws of the Commonwealth. Following on other state laws that have created data security regimes applicable to the insurance industry, the Virginia law requires licensees to maintain the security of information systems and nonpublic information.
Read more »
-
OCR Announces HIPAA Telehealth Security Waiver in Response to COVID-19 Pandemic Posted on: March 20, 2020 In: Data Privacy & Cybersecurity, COVID-19 ResponseThe Office for Civil Rights (OCR) at the Department of Health and Human Services (HHS), which is the body responsible for enforcing certain regulations pursuant to the Health Insurance Portability and Accountability Act of 1996 (HIPAA), is exercising its enforcement discretion to meet the needs of health care providers and patients during the COVID-19 (Coronavirus) public health emergency.
Read more »
-
Legislative Alert: Vermont Expands Definition of Personal Information and Enacts Protections for Student Privacy and Automatic Subscription Renewals Posted on: March 19, 2020 In: Data Privacy & CybersecurityOn March 5, 2020, Vermont Governor Phil Scott signed into law Senate Bill 110, which amends sections of Chapter 62 of the Vermont Statutes Annotated - “Protection of Personal Information” - including Sections 2430, 2435, and 2454. The bill also adds Section 2443 to the chapter, which governs the privacy of student information belonging to preschool, kindergarten, elementary, and secondary school students.
Read more »
-
Washington State Data Breach Notification Statute Updates Go Into Effect, Imposing New Requirements on Businesses Posted on: March 17, 2020 In: Data Privacy & CybersecurityEffective March 1, 2020, amendments to the Washington State data breach notification statute made the law significantly more onerous for companies dealing with data security incidents. The amendments, which we first covered in May 2019, expanded the definition of personal information, shortened the deadlines for notification, and imposed additional requirements for notice contents.
Read more »
-
ALERT: COVID-19 / Coronavirus-Related Ransomware and Phishing Attacks Posted on: March 13, 2020 In: Data Privacy & Cybersecurity, COVID-19 ResponseWith the advent of the Coronavirus, criminals have begun to take advantage of what consumers expect to receive via email to conduct phishing attacks. Criminals are also expected to take advantage of millions of vulnerable remote connections from employee home networks to their corporate networks.
Read more »
-
Ransomware and the Paramount Importance of Evidence Preservation for Healthcare Entities Posted on: March 10, 2020 In: Data Privacy & CybersecurityOrganizations regulated by the Healthcare Information Privacy and Accountability Act (HIPAA) must take special care to preserve valuable forensic artifacts at the outset of a ransomware or other cybersecurity event. The HIPAA Breach Notification Rule presumes a cybersecurity incident has resulted in unauthorized access to unsecured protected health information and the burden shifts to the organization to show a low probability of the compromise of the health information it maintains.
Read more »
-
HIPAA Small Breach Notification Deadline is March 1, 2020 – The Clock’s Ticking to Submit to HHS/OCR! Posted on: February 27, 2020 In: Data Privacy & CybersecurityOrganizations that experienced a data incident in 2019 affecting the protected health information (PHI) of less than 500 individuals have just a few more days to submit their notification to the U.S. Department of Health & Human Services’ Office for Civil Rights (HHS/OCR).
Read more »
-
Hot Off the Press: The 2019 FBI Internet Crime Report Posted on: February 24, 2020 In: Data Privacy & CybersecurityRecently-released FBI statistics provide a sobering reminder that businesses and individuals should continue to make cybersecurity a top priority in 2020. According to the FBI’s 2019 Internet Crime Report, internet crime complaints are at an all-time high. In addition, the magnitude of resulting losses is also reaching new heights.
Read more »
-
Nevada Passes Privacy Law Posted on: January 09, 2020 In: Data Privacy & CybersecurityWhile much has been made of the California Consumer Privacy Act (CCPA), which took effect on January 1, 2020, new security laws in other states – like Nevada – have been almost entirely ignored.
Read more »
-
Tax Return Theft: Tips for Prevention and Response Posted on: January 06, 2020 In: Data Privacy & CybersecurityAs the Internal Revenue Service warned tax professionals in November, malicious actors are currently attempting to hack into tax preparers’ networks to steal 2020 tax return information. If you are a professional tax preparer, you are a target – regardless of the size of your business.
Read more »
-
Cybersecurity Resolutions for 2020 Posted on: January 03, 2020 In: Data Privacy & CybersecurityA new year is once again upon us, which means people across the world will resolve to exercise more, eat healthier, eliminate financial debt and, most importantly, enhance their cybersecurity practices over the coming year. Good luck to all in this time-honored annual quest!
Read more »
Blog Search
Featured Posts
Blog Tags
alabama
american bar association
arkansas
audit
biometric data
bipa
breach notification
california
ccpa
client notification
colorado
congress
consent order
consumer consent
consumer notification
coronavirus
covid19
credit report
critical security controls
cryptocurrency
cryptojacking
cybersecurity
cyber threat
data breach
data privacy
data privacy act
data security
digital forensics
dmarc
electronic information
electronic protected health information
email
employment
equifax
eu
eu-u.s. privacy shield
european parliament
european unioin
european union
fbi
fcra
federal trade commission
fines
forensics
fraud alert
gdpr
hacker
hacking
healthcare
hhsocr
hipaa
holiday season
human resources
identity theft
illinois
incident response
information security
internet service provider
irs
it
legislative alert
malware
managed service providers
maryland
maze
michigan
microsoft office 365
model law
modlishka
multi-factor identification
naic
new jersey
new mexico
new york
ninth circuit
nist framework
nist security controls
online operators
online shopping
oregon
personal data
personal information
phishing
pipeda
ransomware
regulations
sb220
social engineering
social media
spectre
statute
supervisory authorities
supreme court
tax preparers
tax returns
utah
virginia
w2
washington
workplace policy