Thursday, May 28, 2020

Recent Case Highlights The Dangers of Consequential Damage Waivers in IT Contracts

The U.S. Court of Appeals for the Eleventh Circuit recently affirmed a lower court’s decision finding that all damages flowing from a vendor’s data breach were barred by a standard provision in IT service contracts, disclaiming all liability for consequential damages. The court’s analysis could apply to almost any breach of data provided to a […]

Why HIPAA Controls Don’t Do Enough for Privacy and Security

When it was passed in 1996, the Health Insurance Portability and Accountability Act’s definition of covered entities was limited to healthcare providers, insurance companies, and health information clearinghouses. Today, fitness trackers, mobile devices, and social media communities are equally likely to store protected health information, but none fit the definition of covered entity or business […]

Reported Massive Breach at Yahoo Provides Cybersecurity Lessons for Other Companies

A data breach that potentially exposed the passwords of 500 million Yahoo account holders contains some lessons for other companies that may face similar situations. Experts say Yahoo could have informed users of the breach much sooner after rumors of the breach surfaced in August. The number of stolen passwords also suggests companies should adopt […]

Hong Kong’s Privacy Commissioner Addresses Privacy Compliance and Best Practices for BYOD

Hong Kong’s Privacy Commissioner has published an information leaflet addressing the risks of allowing employees to connect their own mobile phones or other personal devices to company networks, and recommending best practices for organizations with bring-your-own-device policies. The guidance is generally applicable to any sector permitting BYOD and indicates firms remain fully responsible for complying […]

What to Expect from the EU’s New Network and Information Security Directive

Adopted in July, the European Union’s new Network and Information Security Directive establishes a common level of security for networks and information systems across member states, which will implement the directive via national legislation. Although the legislation will differ from nation to nation, the directive establishes key provisions, including a requirement to adopt national cybersecurity […]

Another Way to Violate Privacy: PHI in Court Documents

In a recent decision, a federal bankruptcy court fined healthcare system WakeMed Health and Hospitals $130,000 for exposing protected health information in court filings. Between 2007 and 2015, WakeMed filed documents containing PHI as it sought to obtain payment for debts allegedly owed by patients who had filed for bankruptcy protections. The documents included proof […]

Rep. Johnson Introduces Bill Designed to Deter Electoral Hacking

Representative Hank Johnson (D-GA) has introduced the Elections Integrity Act of 2016, which would require all voting machines to generate a paper trail. The bill also would establish procedures for dealing with voting machine failures, require vote tabulating systems to be securely connected to the Internet, and urge the creation of security standards for all […]

Unanimous House Vote Sends IT Modernization Bill to Senate

The House of Representatives voted unanimously to approve the Modernizing Government Technology Act, which combines provisions of two competing bills: House Minority Whip Steny Hoyer’s (D-MD) IT Modernization Act and Representative Will Hurd’s (R-TX) MOVE IT Act. The bill adopts the administration’s proposal for a centralized IT modernization fund to help agencies modernize legacy systems, […]

House Passes Small Business Cybersecurity Bill

The House of Representatives voted to pass the Improving Small Business Cyber Security Act of 2016, which would provide small businesses access to additional tools, resources and expertise to help protect their sensitive electronic data from cyber-threats. More at House Small Business Committee

CRS – The 2013 Cybersecurity Executive Order: Overview and Considerations for Congress

Citing repeated cyber-intrusions into critical infrastructure and growing cyberthreats, Executive Order 13636, Improving Critical Infrastructure Cybersecurity, was an attempt to enhance security and resiliency of CI through voluntary, collaborative efforts involving federal agencies and owners and operators of privately owned CI, as well as use of existing federal regulatory authorities.