Federal – Page 17 – WindowsTechs.com

HITECH Amendment Provides Some Protection For Covered Entities and Business Associates that Adopt Recognized Security Standards

Posted on February 3, 2021 by Dissent

Anna D. Kraus, Libbie Canter, Tara Carrier, and Olivia Vega of Covington & Burling write: On January 5, 2021, an amendment to the Health Information Technology for Economic and Clinical Health (“HITECH”) Act was signed into law. The amendment requ… Continue reading HITECH Amendment Provides Some Protection For Covered Entities and Business Associates that Adopt Recognized Security Standards→

HIPAA Enforcement by State Attorneys General

Posted on January 22, 2021 by Dissent

HIPAA Journal has a nice recap of of HIPAA enforcement actions by states attorney general. You can read it here. Continue reading HIPAA Enforcement by State Attorneys General→

An Overview of Cybersecurity Law in Taiwan

Posted on January 21, 2021 by Dissent

John Eastwood, Nathan Snyder, Wendy Chu, David Rosenthal and Lloyd G. Roberts III of Eiger write: 1. GOVERNING TEXTS In Taiwan, there are two main branches of legislation pertaining to information security: legislation on cybersecurity and legislation … Continue reading An Overview of Cybersecurity Law in Taiwan→

M.D. Anderson’s $4.3 Million Fine for Patient Data Loss Vacated

Posted on January 14, 2021 by Dissent

This is huge. Mary Anne Pazanowski reports: The University of Texas’s M.D. Anderson Cancer Center dodged a $4.3 million fine for losing over 35,000 people’s protected health information after the Fifth Circuit ruled Thursday that HHS acted arbitrarily… Continue reading M.D. Anderson’s $4.3 Million Fine for Patient Data Loss Vacated→

Data Analytics Company Settles with FTC Over Alleged Data Security Violations

Posted on January 7, 2021 by Dissent

Sheila A. Millar and Tracy P. Marshall of Keller & Heckman write: Third-party service providers are vital to many companies and they handle a wide range of business activities essential for companies to deliver their own offerings. But a company is… Continue reading Data Analytics Company Settles with FTC Over Alleged Data Security Violations→

IoT Devices to See New Security Guidelines in 2021

Posted on December 28, 2020 by Dissent

Joseph Lazzarotti writes: Setting up that new IoT device you received for Christmas? Maybe you’ve been derelict in feeding the dog and found a smart dog feeder under the tree, one that will alert you that Luna has been fed or that you have to refill th… Continue reading IoT Devices to See New Security Guidelines in 2021→

FTC Announces Enforcement for Inadequate Third Party Risk Management Practices Under the GLBA’s Safeguards Rule

Posted on December 27, 2020 by Dissent

Hunton Andrews Kurth writes: On December 15, 2020, the Federal Trade Commission announced a proposed settlement with Ascension Data & Analytics, LLC, a Texas-based mortgage industry data analytics company (“Ascension”), to resolve allegations that … Continue reading FTC Announces Enforcement for Inadequate Third Party Risk Management Practices Under the GLBA’s Safeguards Rule→

OCR Settles Thirteenth Investigation in HIPAA Right of Access Initiative

Posted on December 23, 2020 by Dissent

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) announces its thirteenth settlement of an enforcement action in its HIPAA Right of Access Initiative. OCR announced this initiative as an enforcement priority i… Continue reading OCR Settles Thirteenth Investigation in HIPAA Right of Access Initiative→

Twitter Fine: a View into the Consistency Mechanism, and “Constructive Awareness” of Breaches

Posted on December 22, 2020 by Dissent

Mark Young, Shona O’Donovan and Paul Maynard of Covington & Burling writes about the recent news-making fine the DPC issued to Twitter. They write, in part: Process aside, the DPC’s decision contains some interesting points on when a control… Continue reading Twitter Fine: a View into the Consistency Mechanism, and “Constructive Awareness” of Breaches→

Federal Financial Agencies Propose Requirement for Computer Security Incident Notification

Posted on December 21, 2020 by Dissent

A press release from the FDIC on December 18: Federal financial regulatory agencies today announced a proposal that would require supervised banking organizations to promptly notify their primary federal regulator in the event of a computer security in… Continue reading Federal Financial Agencies Propose Requirement for Computer Security Incident Notification→