Collaborate Disseminate
Rachel Walker and Elouise Casey of Dentons write: Failure to comply with the mandatory breach reporting regime is arguably the canary in the coal mine for regulatory compliance to Australian Securities and Investments Commission (ASIC). We are expectin… Continue reading AU: ASIC modifies licensees’ breach reporting obligations
Skye Witley reports: A new US notification requirement for victims of malicious hacks could push in-house counsel to disclose cyberattacks when faced with ransomware and other network compromises. Among the first-ever cyber regulations to be enforced b… Continue reading Top US Cyber Agency Pushing Toward First Hack Reporting Rule
From HHS’s October cybersecurity newsletter: Last year, the Department of Health and Human Services’ (HHS) Health Sector Cybersecurity Coordination Center (HC3) released a threat brief on the different types of social engineering1 that hackers us… Continue reading HIPAA requires employers to sanction employees who violate HIPAA. Did you know that?
From a press release from the NYS Attorney General’s Office today: New York Attorney General Letitia James today secured $350,000 from a Long Island-based home health care company, Personal Touch Holding Corporation (Personal Touch), for failing … Continue reading Personal Touch Holding settles NY Attorney General’s lawsuit stemming from 2021 ransomware incident: will pay $350k, improve security
Judy Skatssoon reports: Queensland is set to join NSW as the only other Australian state to introduce a mandatory data breach notification scheme. The state government says the Information Privacy and Other Legislation Amendment Bill 2023, introduced o… Continue reading Queensland agencies to face mandatory data breach reporting
Jodi K. Scott, Lina Kontos, Randy Prebula, and Alex Smith of Hogan Lovells write: The U.S. Food and Drug Administration (FDA) has finalized its guidance on “Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submis… Continue reading FDA finalizes advice on cybersecurity info to include in device submissions
NEW YORK – New York Attorney General Letitia James today announced an agreement with Marymount Manhattan College (MMC), a private non-profit liberal arts college in New York City, to invest $3.5 million in data security to protect students’ online data… Continue reading Attorney General James Reaches Agreement with Marymount Manhattan College to Invest $3.5 Million to Protect Students’ Online Data
Jose Rascon reports: The Department of Homeland Security (DHS) has released a new report looking to wrangle the different avenues in which the Federal government and its agencies report cyber incidents in a more ‘reportable’ fashion. The report, titled… Continue reading DHS Pushes for Common Cyber Incident Reporting Definitions
The HHS Office for Civil Rights (OCR) will be producing a pre-recorded webinar for HIPAA covered entities and business associates (collectively, “regulated entities”) discussing how the Security Rule can help regulated entities defend against cyber-att… Continue reading OCR Presents: How the Security Rule Can Help Defend Against Cyber-Attacks
Eric Geller reports: The U.S. government is struggling to convince hospitals that they need to spend time and money fighting hackers and provide useful advice to them, a problem that could have lethal consequences as the country’s ransomware crisis rag… Continue reading The Government Isn’t Sure How to Get Small Hospitals to Take Cybersecurity Seriously