On September 15, 2021, the Federal Trade Commission (FTC) released a policy statement to offer guidance on the scope of its Health Breach Notification Rule (the Rule) in relation to health applications and connected devices. The Rule, issued in 2009, helps ensure entities not covered under the Health Insurance Portability and Accountability Act (HIPAA) are held accountable when consumers’ sensitive health information that has been entrusted to them is compromised.
Read more »Data Privacy & Cybersecurity
September 2021
-
FTC Warns Health Apps, Connected Device Companies to Comply with Health Breach Notification Rule Posted on: September 22, 2021 In: Data Privacy & Cybersecurity
-
OFAC September 2021 Advisory: Illusory Solutions to Soften the Enforcement Threat? Posted on: September 22, 2021 In: Data Privacy & Cybersecurity
On September 21, 2021, the United States Department of the Treasury’s Office of Foreign Assets Control (OFAC) released an updated advisory on potential sanctions risks for facilitating ransomware payments. The sanctions have been authorized by the International Emergency Economic Powers Act and the Trading with the Enemy Act with the purpose of disrupting funding for malicious cyber activities and limiting activities that may be adverse to U.S. national security and foreign policy objectives.
Read more »
Blog Search
Featured Posts
- December 06, 2022 Just In Time: Last Minute Compliance Tips for the CPRA and VCDPA
Blog Tags
alabama
arkansas
biometric data
blockchain
breach notification
california
canada
ccpa
cisa
client notification
colorado
congress
connecticut
consumer data
consumer notification
consumer rights
coronavirus
covid-19
cpa
cppa
cpra
cryptocurrency
cyberattack
cyber insurance
cybersecurity
cyber threat
cyberwarfare
data breach
data privacy
data security
delaware
email
employment
equifax
eu
eu-u.s. privacy shield
european union
executive order
fbi
fcra
financial fraud kill chain
fincen
fraud
ftc
gdpr
hacking
healthcare
hhsocr
hipaa
holiday season
human resources
identity theft
illinois
incident response
information security
irs
legislation
legislative alert
malware
managed service providers
maryland
massachusetts
microsoft
microsoft exchange servers
microsoft office 365
multi-factor authentication
multi-factor identification
new jersey
new mexico
new york
ninth circuit
nist security controls
ofac
opt out
personal data
personal information
phishing
privacy law
privacy protection patchwork
protected health information
ransomware
regulations
reporting requirements
russia ukraine conflict
sec
social engineering
social media
statute
strengthening american cybersecurity act
supreme court
tax returns
treasury department
utah
video-teleconferencing
virginia
washington
websites
wire transfers
workplace policy
zoom