Data Privacy & Cybersecurity PracticeOrganizations regulated by the Healthcare Information Privacy and Accountability Act (HIPAA) must take special care to preserve valuable forensic artifacts at the outset of a ransomware or other cybersecurity event. The HIPAA Breach Notification Rule presumes a cybersecurity incident has resulted in unauthorized access to unsecured protected health information and the burden shifts to the organization to show a low probability of the compromise of the health information it maintains.
Read more »Data Privacy & Cybersecurity
-
Ransomware and the Paramount Importance of Evidence Preservation for Healthcare Entities Posted on: March 10, 2020 In: Data Privacy & Cybersecurity
-
HIPAA Small Breach Notification Deadline is March 1, 2020 – The Clock’s Ticking to Submit to HHS/OCR! Posted on: February 27, 2020 In: Data Privacy & CybersecurityOrganizations that experienced a data incident in 2019 affecting the protected health information (PHI) of less than 500 individuals have just a few more days to submit their notification to the U.S. Department of Health & Human Services’ Office for Civil Rights (HHS/OCR).
Read more »
-
Hot Off the Press: The 2019 FBI Internet Crime Report Posted on: February 24, 2020 In: Data Privacy & CybersecurityRecently-released FBI statistics provide a sobering reminder that businesses and individuals should continue to make cybersecurity a top priority in 2020. According to the FBI’s 2019 Internet Crime Report, internet crime complaints are at an all-time high. In addition, the magnitude of resulting losses is also reaching new heights.
Read more »
-
Nevada Passes Privacy Law Posted on: January 09, 2020 In: Data Privacy & CybersecurityWhile much has been made of the California Consumer Privacy Act (CCPA), which took effect on January 1, 2020, new security laws in other states – like Nevada – have been almost entirely ignored.
Read more »
-
Tax Return Theft: Tips for Prevention and Response Posted on: January 06, 2020 In: Data Privacy & CybersecurityAs the Internal Revenue Service warned tax professionals in November, malicious actors are currently attempting to hack into tax preparers’ networks to steal 2020 tax return information. If you are a professional tax preparer, you are a target – regardless of the size of your business.
Read more »
-
Cybersecurity Resolutions for 2020 Posted on: January 03, 2020 In: Data Privacy & CybersecurityA new year is once again upon us, which means people across the world will resolve to exercise more, eat healthier, eliminate financial debt and, most importantly, enhance their cybersecurity practices over the coming year. Good luck to all in this time-honored annual quest!
Read more »
-
Threat Intelligence: Maze Ransomware Variant Posted on: December 09, 2019 In: Data Privacy & CybersecurityWhile ransomware variants like GandCrab, Ryuk, and WannaCry have received a lot of attention and cost their victims significant amounts of money, these attacks are rarely accompanied by a credible threat to expose sensitive data. These threat actors are able to monetize their attacks with the extortion payments alone. However, a variant known as Maze (or ChaCha) could change that equation.
Read more »
-
‘Tis The Season: Online Shopping Tips Posted on: December 02, 2019 In: Data Privacy & CybersecurityOnline shopping is a great way to save time and money, especially over the holidays. However, it can leave you – and your information – vulnerable to malicious actors ready to exploit holiday shoppers. Make your data privacy a priority this holiday season by taking time for some simple cybersecurity-related precautions.
Read more »
-
Legislative Alert: California Expands Definition of Personal Information Posted on: November 01, 2019 In: Data Privacy & CybersecurityOn October 11, 2019, California Governor Gavin Newsom signed into law Assembly Bill 1130, which amends The Information Practices Act of 1977, as well as California Civil Code §§ 1798.29, 1798.81.5 and 1798.82. The bill expands the definition of “personal information” under the California data breach notification statutes applicable to businesses and to government agencies.
Read more »
-
Keeping the Creeps Off Your Computer: Tips to Avoid Scareware & Scare Scams Posted on: October 29, 2019 In: Data Privacy & CybersecurityHalloween is a great time to masquerade as your favorite supernatural or otherworldly character, generating harmless screams and candy. Not so harmless is the fear that scammers create by pretending to know something about you or your cyber system in order to scare you into sending them money.
Read more »
-
Amendments to the California Consumer Privacy Act Signed Into Law Posted on: October 25, 2019 In: Data Privacy & CybersecurityAs we near the January 1, 2020 effective date of the California Consumer Privacy Act (CCPA), the California legislature has passed seven amendments to the expansive privacy statute: AB 25, 874, 1130, 1146, 1202, 1355, and 1564. Notably, the amendments alleviate some business concerns by expanding a business’ ability to verify consumer requests under the CCPA.
Read more »
-
Illinois Amends Student Online Personal Protection Act, Adding Data Breach Notification Provisions Posted on: September 17, 2019 In: Data Privacy & CybersecurityOn August 23, 2019, Illinois Governor J.B. Pritzker signed into law the Student Online Personal Protection Act of 2019 (SOPPA). Amending the previous version of SOPPA, this ambitious legislation gives parents greater control over student data, imposes new breach notification requirements, and regulates the collection and use of student data.
Read more »
Blog Search
Featured Posts
Blog Tags
alabama
arkansas
audit
bank secrecy act
biometric data
breach notification
california
canada
ccpa
client notification
coast guard
colorado
congress
consumer consent
consumer notification
coronavirus
covid-19
credit card fraud
credit report
cryptocurrency
cybersecurity
cyber threat
data breach
data privacy
data security
department of state
dmarc
ebt
electronic information
email
employment
equifax
eu
eu-u.s. privacy shield
european union
executive order
fbi
fcra
federal trade commission
fraud
gdpr
hacker
hacking
healthcare
hhsocr
hipaa
holiday season
human resources
identity fraud
identity theft
illinois
incident response
information security
insurance
insurance industry
internet
internet service provider
irs
legislative alert
malware
managed service providers
maryland
meltdown
michigan
microsoft office 365
money service business
multi-factor identification
new jersey
new mexico
new york
ninth circuit
nist framework
nist security controls
office for civil rights
online operators
passwords
personal data
personal information
phishing
protected health information
ransomware
regulations
research
scare scam
search warrant
security rule
social engineering
social media
spectre
statute
supreme court
tax returns
utah
video-teleconferencing
virginia
w2
washington
websites
workplace policy
zoom