Failing to Examine Risks Leads to Data Breach and Hefty Settlement Payout
4/24/17
By: Melissa Santalone
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has announced a $400,000 settlement with Metro Community Provider Network (MCPN), a Federally Qualified Health Center providing primary medical care and other health-related services …
Cyber Criminals Target FTP Servers of Healthcare Providers
4/5/17
By: Agne Krutules
The FBI has issued an alert warning medical care providers that cybercriminals are actively targeting File Transfer Protocol (“FTP”) servers of medical facilities. FTP is a common protocol used to transfer data between network hosts. The alert …
Late, But Not Last, New Mexico Legislature Passes Data Breach Notification Law
3/31/17
By: Jonathan M. Romvary
On March 15, 2017, New Mexico’s Senate passed H.B. 15, the Data Breach Notification Act, making New Mexico the 48th state to pass a data breach notification law. The law, if signed by the …
Internet of Things Device Manufacturer Settles Class Action Lawsuit
3/20/17
By: Matthew N. Foree
Recently, the United States District Court for the Northern District of Illinois preliminarily approved a class action settlement involving the manufacturer of an Internet of Things (“IoT”) device. In this case, two plaintiffs, whose names were …
MLB Approves Wearable Biometric Monitor During Games – What Are The Risks?
3/16/17
By: Amy C. Bender
Major League Baseball has announced it will allow players to wear a WHOOP Strap during games beginning in the 2017 season. The device gathers and analyzes levels of strain, sleep, and recovery by measuring factors such …
The FCC Stays Data Security Rules for Internet Service Providers
3/8/17
By: Robyn M. Flegal
The Federal Communications Commission (FCC) voted on Wednesday, March 1, 2017, to temporarily stay a portion of the data security rules passed in October of 2016. The portion of the rules stayed by the FCC would …
U.S. Department of Homeland Security Issues Strategic Principles for Securing the Internet of Things
3/7/17
By: Matthew N. Foree
As we have reported previously, the growth of network connected devices (“Internet of Things”) has created increasing concerns about the security risks of those devices. Recently, the U.S. Department of Homeland Security (“DHS”) issued non-binding …
Yahoo Pays Steep Price for Data Breaches
2/23/17
By: Kacie L. Manisco
In the wake of Yahoo’s disclosure of two massive data breaches last year, Yahoo and Verizon have finally confirmed that the search giant’s acquisition by Verizon will move forward – but at a steep price for …
Deadline Approaching for Small Breach Notification
2/14/17
By: Jeremy W. Rogers
HIPAA covered entities, which are health care providers, health plans, and health care clearinghouses, are required to report “small’ data breaches of unsecured, unprotected health information by March 1, 2017. Covered entities must report these breaches, …
Don’t Be a Phishing Victim: IRS Warns of Email Scam This Tax Season
2/13/17
By: David Cole
It’s tax season again and the cyber criminals are back at it. According to the IRS, last year’s W-2 spear-phishing scam has returned and is currently making its way across the nation. The IRS and state tax …
Widespread Data Hacks Need to Serve as a Reminder to Strengthen Employee Email and Password Policies
12/29/16
By: Melissa A. Santalone
With its second, large-scale hack announced on December 14, which this time reportedly compromised more than 1 billion user accounts, Yahoo’s latest cybersecurity conundrum should serve as a reminder to organizations large and small that strong …
FCC Chairman Wheeler Announces Plan to Step Down
12/15/16
By: Matthew N. Foree
Today, the Federal Communications Commission (“FCC”) issued a statement that Chairman Tom Wheeler, a Democrat who has held the position for more than three years, has announced that he intends to leave the FCC on January …