Federal – Page 9 – WindowsTechs.com

ANNOUNCE: HHS’ Office for Civil Rights Seeks Public Comment on Recognized Security Practices and Sharing Civil Money Penalties and Monetary Settlements Under the HITECH Act

Posted on April 7, 2022 by Dissent

The U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) today released a Request for Information (RFI) seeking input from the public on two requirements of the Health Information Technology for Economic and Clinical Health… Continue reading ANNOUNCE: HHS’ Office for Civil Rights Seeks Public Comment on Recognized Security Practices and Sharing Civil Money Penalties and Monetary Settlements Under the HITECH Act→

Singapore moots bill to slap banks with higher fines for security breach

Posted on April 6, 2022 by Dissent

Eileen Wu reports: Singapore has taken another step towards a new bill that seeks to impose higher penalties on financial institutions that suffer a security breach as a result of oversight. It also looks to tighten regulations of digital token service… Continue reading Singapore moots bill to slap banks with higher fines for security breach→

Ph: Fines for data privacy breach capped at P5 million

Posted on March 26, 2022 by Dissent

Ranier Allan Ronda reports: The National Privacy Commission (NPC) has set a ceiling of P5 million on fines imposed on data privacy violators, following a revision of its penalty system based on public consultations. The NPC presented its revised schedu… Continue reading Ph: Fines for data privacy breach capped at P5 million→

Africa Data Security and Privacy Guide

Posted on March 20, 2022 by Dissent

Janet MacKenzie, Anne-Marie Allgrove, Kellie Blyth, Elisabeth Dehareng, Ghada El Ehwany, Brian Hengesbaugh, Theo Ling, Paolo Sbuttoni, and Carlos Vela-Trevino of Baker McKenzie write: The pandemic drove home the high value of personal data to the globa… Continue reading Africa Data Security and Privacy Guide→

HIPAA’s Role in Setting Good Security

Posted on March 18, 2022 by Dissent

Matt Fisher writes: The Office for Civil Rights is promoting HIPAA as being able to prevent or substantially mitigate the impacts of a cyber attack. It is a bold statement from OCR and one that bears unpacking. Why is OCR asserting that HIPAA can preve… Continue reading HIPAA’s Role in Setting Good Security→

President Biden Signs Critical Infrastructure Ransomware Payment and Cyber Incident Reporting into Law

Posted on March 17, 2022 by Dissent

Ashden Fein, Robert Huffman, Moriah Daugherty, and Hensey A. Fenton III of Covington and Burling write: On March 15, 2022, President Biden signed the Consolidated Appropriations Act 2022, a $1.5 trillion omnibus spending package to fund the government … Continue reading President Biden Signs Critical Infrastructure Ransomware Payment and Cyber Incident Reporting into Law→

Hidden privacy lessons in the FTC’s CafePress security enforcement

Posted on March 16, 2022 by Dissent

Cobun Zweifel-Keegan writes: In its most recent cybersecurity enforcement decision, the U.S. Federal Trade Commission announced a draft settlement agreement with the current and former operators of the customized merchandise website CafePress.com. Alth… Continue reading Hidden privacy lessons in the FTC’s CafePress security enforcement→

Comprehensive Health Services Pays False Claims Act Settlement Involving EMR Security

Posted on March 15, 2022 by Dissent

Marianne Kolbasuk McGee reports: A healthcare services contractor has agreed to pay a $933,000 settlement in a federal whistleblower case involving alleged false claims by the entity about the security of electronic medical records containing the infor… Continue reading Comprehensive Health Services Pays False Claims Act Settlement Involving EMR Security→

SEC Proposes Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies

Posted on March 12, 2022 by Dissent

Washington D.C., March 9, 2022 — The Securities and Exchange Commission today proposed amendments to its rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public compan… Continue reading SEC Proposes Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies→

U.S. Congress Passes Cyber Incident and Ransom Payment Reporting Requirement

Posted on March 11, 2022 by Dissent

Energy, financial services, food and agriculture, healthcare, information technology, defense industrial base, and other critical infrastructure entities in the United States will face new cyber incident reporting requirements as a result of the Cyber … Continue reading U.S. Congress Passes Cyber Incident and Ransom Payment Reporting Requirement→