Collaborate Disseminate
From the Office of the Privacy Commissioner of Canada, May 24: The Office of the Privacy Commissioner of Canada (OPC) has launched a new online breach reporting form for federal institutions subject to the Privacy Act as well as updated its online brea… Continue reading Ca: New online breach reporting forms for federal institutions and businesses
The Office of the Information & Privacy Commissioner for British Columbia issued the following statement on May 23 about a case that raises issues of transparency and claims of privileged information: LifeLabs has announced that it is seeking leav… Continue reading LifeLabs to appeal court’s decision to release Ontario IPC and BC OIPC breach investigation report
United Urology Group describes itself as a national network of urology specialists with corporate headquarters in Maryland. Their network includes Arizona Urology Specialists Phoenix, Arizona Urology Specialists Tucson, Chesapeake Urology, Colorado Uro… Continue reading United Urology Group appears to be a victim of a ransomware attack; some patient data already leaked
Washington D.C., May 22, 2024 — The Securities and Exchange Commission today announced that The Intercontinental Exchange, Inc. (ICE) agreed to pay a $10 million penalty to settle charges that it caused the failure of nine wholly-owned subsidiaries, in… Continue reading SEC Charges Intercontinental Exchange and Nine Affiliates Including the New York Stock Exchange with Failing to Inform the Commission of a Cyber Intrusion
“Mother, May I?” UK entities may need permission to make ransom payments. Alexander Martin reports: Officials in Britain are set to propose a major overhaul of how the country responds to ransomware attacks by requiring all victims to repor… Continue reading UK to propose mandatory reporting for ransomware attacks and licensing regime for all payments
Chad Van Alstin reports: The U.S. Department of Health and Human Services (HHS) is launching a $50 million incentive program to encourage hospitals to improve their cybersecurity. Dubbed the Universal Patching and Remediation for Autonomous Defense—or … Continue reading HHS launches $50M security initiative to thwart hospital ransomware
Aaron Nicodemus reports: The Securities and Exchange Commission (SEC) will require broker-dealers and registered investment advisers to adopt written policies and procedures for handling data breaches of customer data and notify affected customers with… Continue reading SEC amends Reg S-P to require data breach notification within 30 days
Cristiane Manzueto, Rodrigo Leal, Ana Letícia Allavato, and Diego Semeraro of Mayer Brown write: Resolution No. 15, of April 24, 2024, of the Brazilian Data Protection Authority (“ANPD”), approved the Data Breach Notifying Regulation (the “… Continue reading Brazilian Data Protection Authority approves data breach notifying regulation
The Federal Trade Commission today announced it has finalized changes to the Health Breach Notification Rule (HBNR) that will strengthen and modernize the rule by clarifying its applicability to health apps and other similar technologies and expanding … Continue reading FTC Finalizes Changes to the Health Breach Notification Rule
Zack Whittaker reports: U.S. health conglomerate Kaiser is notifying millions of current and former members of a data breach after confirming it shared patients’ information with third-party advertisers, including Google, Microsoft and X (formerly Twit… Continue reading Kaiser to notify millions of a data breach after sharing patients’ data with advertisers