What are some of the most important health data privacy and security regulatory developments to watch in 2020? Privacy attorney Kirk Nahra of the law firm WilmerHale discusses what he sees as the top five issues in the year ahead.
Whether you're a large enterprise that has experienced a headline data breach or a midmarket organization that has just been paralyzed by ransomware, you share points in common. Which law enforcement agency do I call after the incident has been discovered? When do I involve legal counsel? What resources are available...
What's the best way to spring your citizens from foreign jail if they've been detained on U.S. hacking charges? That's a question that continues to plague Russia, including in the ongoing case against Aleksey Burkov, who's been charged with being part of a $20 million payment fraud scheme.
Draft regulations to carry out the California Consumer Privacy Act do not go far enough to clarify ambiguities in the law, which goes into effect Jan. 1, 2020, says privacy attorney Sadia Mirza of the law firm Troutman Sanders, who encourages organizations to submit comments on the proposed regs.
In the wake of a federal appeals court ruling last year vacating a Federal Trade Commission enforcement action against LabMD, the FTC's data security consent orders are becoming far more detailed and rigorous, says former FTC attorney Julie O'Neill.
Billions are being spent globally on cybersecurity every year, yet regularly we are hearing of new breaches each more significant than the previous. The physical security of your infrastructure and your ability to protect your digital assists has never been more interconnected and critical to the survival of your...
When it comes to cybersecurity, the past twelve months have been busy in Canada. With the coming into force of mandatory breach reporting, major court decisions in the Casino Rama and Rouge Valley Hospital cases and headline-grabbing breaches, such as Desjardins and Air Canada, there has been no shortage of lessons...
Asking the right questions is the first critical step in implementing appropriate cyber hygiene and minimizing exposure to regulatory scrutiny and litigation. Too often, organizations fail to ask those questions. Typically, this is because the C-Suite executives, who are expected to engage and oversee cybersecurity,...
U.S. organizations were barely GDPR compliant in 2018, when California unveiled its own privacy legislation, the California Consumer Privacy Act, which goes into effect on Jan. 1, 2020. Yet, this is but one of several privacy laws being enacted across the U.S., and it poses many questions about the role of security to...
Whether you're a large enterprise that has experienced a headline data breach or a midmarket organization that has just been paralyzed by ransomware, you share points in common. Which law enforcement agency do I call after the incident has been discovered? What do I do - and not do with the affected systems? What...
Risks associated with cyber security incidents and business interruption are major concerns for companies worldwide. Improperly managed, cyber security incidents like ransomware can bring companies to a standstill and the resulting financial losses can have a substantial impact. Using real life examples, learn how...
The latest edition of the ISMG Security Report analyzes the root causes of the Capital One data breach. Also featured: breach remediation advice and compliance with New York's new third-party risk management requirements.
Given the massive impact of the Equifax data breach, is the recently announced proposed settlement fair? One consumer advocate calls the money to be paid out by the consumer reporting agency the equivalent of a "parking ticket." Here's an analysis of the settlement's terms.
The relationship between American Medical Collection Agency and its laboratory clients affected by the company's data breach will be closely examined as breach-related lawsuits progress, says attorney Paul Hales, a HIPAA specialist, who explains why.
The latest edition of the ISMG Security Report analyzes the debate over whether the government should require technology firms to use weak encryption for messaging applications. Plus, D-Link's proposed settlement with the FTC and a CISO's update on medical device security.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
