Expert Opinion

On January 5, 2020, HR 7898, became law amending the Health Information Technology for Economic and Clinical Health Act (HITECH Act), 42 U.S.C. 17931, to require that “recognized cybersecurity practices” be considered by the Secretary of Health and Human Services (HHS) in determining any Health Insurance Portability and Accountability Act (HIPAA) fines, audit results or […]

On 16 December 2020, the European Commission adopted a proposal for a Directive on measures for a high common level of cybersecurity across the Union (“NIS II Directive”) that revises the current Directive on Security of Network and Information Systems (“NIS Directive”). As part of its new EU Cybersecurity Strategy, launched on the same day, […]

Although it was already apparent, recent events have made it even clearer that cybersecurity is an essential concern for government contractors. The coming year...

In a guest post on D&O Diary, McDermott, Will & Emery partner Paul Ferrillo discusses how the SolarWinds compromise could have important implications for the cyber insurance marketplace. Ferrillo notes the failure of DHS’s Einstein threat detection system to flag the malicious code inserted into federal networks via SolarWinds Orion product, and describes how hackers […]

On January 13, the FCC published its final supply chain security rule implementing the Secure and Trusted Communications Networks Act of 2019. The rule is the most recent action in the FCC’s existing proceeding Protecting Against National Security Threats to the Communications Supply Chain Through FCC Programs. Of particular note, it requires any provider of […]

On December 16, 2020, the German Federal Government passed a draft law that substantially amends some of Germany’s information technology laws (“IT laws”). These amendments aim to adapt the current legal framework to the increasing digitalization of products and services, the proliferation of IoT products, and the appearance of new cybersecurity threats. The draft law […]

The U.S. Federal Judiciary announced new safeguards and procedures to protect sensitive court records in light of a recent apparent cybersecurity breach. Last month, the Department of Homeland Security issued an emergency directive regarding the compromise involving SolarWinds Orion products. The judiciary was notified of this issue by the Administrative Office of the U.S. Courts, […]

Just in case your office or company is in the process of compiling a “to-do” list for 2021, here is one item that should have your full attention. On January 5, 2021, an amendment to the HITECH Act (H.R.7898) was signed into law requiring the U.S. Department of Health and Human Services “to consider certain […]

The Australian Cyber Security Center has published a guide on identifying cyber supply chain risks in suppliers, manufacturers, distributors and retailers. A key area flagged is foreign control, influence, and interference, and suggests a questionnaire for the suppliers which includes the following questions: What access might a foreign government gain in controlling or interfering with […]

CCPA advocates have hoped California’s privacy law will pave the way for national consumer privacy reform. While a wide-sweeping federal consumer privacy law remains to be seen, lawmakers from both sides of the aisle have proposed federal privacy legislation within the last 18 months and 30 states proposed consumer privacy legislation in 2020. With the […]