6 Common Compliance Conundrums to Know About

Cyber security assessment initiatives and frameworks abound in the US government, the most important being the Federal Information Systems Management Act (FISMA), passed in 2002. The law’s broad scope included a mandate to the US National Institu…

United Arab Emirates: New law regulating data in the health sector

DLA Piper writes: The United Arab Emirates (UAE) federal government has issued Federal Law No. 2 of 2019 on the Use of Information and Communication Technology (ICT) in Health Fields (“ICT Health Law”). The objectives of this law are to: ensure the opt…

President Trump Signs EO to Bolster Federal Digital Security Workforce

President Trump has signed an executive order (EO) that seeks to bolster the U.S. federal government’s digital security workforce. On 2 May, President Trump authorized the “Executive Order on America’s Cybersecurity Workforce.” …

SkyMed Medical Evacuation Membership Service Exposed Data of 137k Members

Jeremiah Fowler reports on another unsecured Elasticsearch database that his firm has found: On March 27th I discovered an unsecured Elasticsearch database that contained what appeared to be members of a medical evacuation membership service. Upon furt…

SEC Warns Advisers Over Privacy Compliance Issues

Craig A. Newman of Patterson Belknap writes: The Securities and Exchange Commission is warning investment firms to step up their game when it comes to following the agency’s privacy rules. In a Risk Alert issued by the Office of Compliance Inspections …

HHS exercises enforcement discretion and reduces maximum civil penalties

Those who want to see HHS/OCR come down like a ton of bricks on more entities and impose heavier civil monetary penalties for HIPAA breaches will likely not be happy to learn that HHS has decided to reduce the maximum civil penalties it will impose for…