Collaborate Disseminate
Threat actors known as Vice Society have disclosed another attack on the healthcare sector. This time, the victim is United Health Centers of the San Joaquin Valley in California. Lawrence Abrams of BleepingComputer reports: On August 31st, BleepingCom… Continue reading United Health Centers of San Joaquin Valley remains publicly silent after ransomware attack
HIPAA Journal reminds us all that states can require notification to the state of breaches that are also covered by HIPAA and can take enforcement action if they are not reported: Recently, there have been several instances where the California DOJ has… Continue reading California DOJ Must Be Notified About Breaches of the Health Data of 500 or More California Residents
Jason Gavejian and Joseph Lazzarotti of JacksonLewis write: Effective October 1, 2021, Connecticut becomes the third state with a data breach litigation “safe harbor” law (Public Act No. 21-119), joining Utah and Ohio. In short, the Connecticut law pro… Continue reading Connecticut Enacts Safe Harbor From Punitive Damages In Data Breach Cases
Jennifer Hennessy, Chloe Talbert, and Jennifer Urban of Foley Lardner write: California clinics, health facilities, home health agencies, and licensed hospices required to report breaches to the California Department of Public Health (CDPH) under Calif… Continue reading California Breach Regulations Applicable to Health Care Facilities Align “Breach” Definition with HIPAA, Expand Reporting Obligations, and Clarify Penalty Structure
July, 15 — Madison, Wis. — Today, Governor Tony Evers signed Act 73 into law creating new cybersecurity requirements for protecting data collected by the insurance industry. “From ransomware to data breaches, insurers and consumers are at an incr… Continue reading WI: Governor Evers Signs Law to Enhance Insurance Cybersecurity Measures
Kurt R. Hunt and Gregory A. Tapocsi of Dinsmore & Shohl LLP write: On July 13, 2021, Ohio Lieutenant Governor John Husted announced the introduction of the Ohio Personal Privacy Act (OPPA), a comprehensive privacy framework following in the footste… Continue reading Ohio Introduces Data Privacy Legislation
Liisa Thomas and Snehal Desai of Sheppard Mullin write: The Georgia Supreme Court recently concluded that Georgia’s equivalent of the CFAA should be viewed narrowly, similar to the US Supreme Court’s recent, similar decision in Van Buren. In Kinslow v…. Continue reading New Decision Narrows Scope of Georgia Computer Trespass Statute
Lance Taubin, Kate Hanniford, and Kimberly Peretti of Alston & Bird write: The New York Department of Financial Services (NYDFS) issued new guidance this week intended to assist organizations in thwarting ransomware attacks. The guidance clarifies … Continue reading NYDFS Issues Guidance on Cybersecurity Controls to Combat Ransomware and Clarifies Reporting Obligations
Emily Poole of Alston & Bird writes: As ransomware attacks continue to dominate the news cycle, legislation has recently been introduced in several states that would place limits on certain entities’ ability to pay a ransom payment in the event of … Continue reading State Legislatures Consider Bans on Ransomware Payments
Joseph J. Lazzarotti, Jason C. Gavejian, and Maya Atrakchi of Jackson Lewis write: State legislatures across the nation are prioritizing privacy and security matters, and Connecticut is no exception. This week, Connecticut Attorney General William Tong… Continue reading Connecticut on its Way to an Enhanced Data Breach Notification Law