Collaborate Disseminate
The point of security is to control your data. You get to decide who sees data and who does not. Both encryption and access control are designed to permit authorized people to access files, data, networks or devices and keep unauthorized people from g… Continue reading How Sky Global was Indicted for Selling Security
On March 2, 2021, Virginia Governor Ralph Northam signed the Commonwealth’s first comprehensive data privacy law, the Consumer Data Protection Act, making Virginia the second state, after California, to do so. California’s Consumer Privacy Act, … Continue reading Virginia Enacts New Data Privacy Law
In order to get into court – particularly federal court – a party has to demonstrate that they have “standing” to sue — that is, that they have personally suffered some kind of concrete and demonstrable harm as a result of someone el… Continue reading When are Privacy Violations Sufficient to Sue?
It has long been the law that searches – of one’s person, places, houses and effects – without probable cause and a warrant are presumptively unreasonable. Moreover, searches of electronic devices, which contain massive amounts of intimate… Continue reading Borderline Unreasonable Electronic Device Searches
The University of Texas M.D. Anderson Cancer Center was having a hard time protecting patient electronic health information. In 2012, an employee’s laptop, containing ePHI for about 30,000 patients was stolen. The same year, a trainee lost an unencryp… Continue reading HIPAA Security Requirements: What They Really Mean
On Feb. 4, consulting firm McKinsey agreed to pay a fine of more than a half-billion dollars to various state attorneys general in connection with their role in promoting the sale of addictive opioids to individuals across the country. The fine, which… Continue reading On Opioids, Consultants and Information Security
I have often written about the Kubler Ross stages of a data breach: denial, investigation, anger, blame, acceptance and litigation. Or something like that. A recent case in the federal appeals court in Georgia points out a problem with post-breach cla… Continue reading Can Breach Victims Sue Now for Future Harm?
The post Mark Rasch and Richard Stiennon Discuss Suspected Russian Hackers Use of SolarWinds to Break Into US Government Agencies appeared first on SecurityCurrent.
Continue reading Mark Rasch and Richard Stiennon Discuss Suspected Russian Hackers Use of SolarWinds to Break Into US Government Agencies
The law is murky on what constitutes legal authorization and use of computer data In Greek mythology, Cassandra was cursed with the ability to know the future, and with the inability to effectively warn anyone about it. Her warnings about the origins … Continue reading When Do You ‘Exceed’ Your Authorization to Use Computer Data?
Social media sites such as Facebook and LinkedIn have collected personal information on hundreds of millions of subscribers. They have also promised those subscribers that their data will only be shared or used for particular purposes—agreements that … Continue reading California Federal Court Weighs In (Again) on Social Media Scraping