Tom Pullar-Strecker reports: A data breach may have occurred at the organisation that provides health IT services to more than a third of the country, amid growing indications of a serious cyber-security incident. A spokeswoman for the Office of the Privacy Commissioner said it was notified by Counties Manukau DHB of a possible data breach…
Author: Dissent
Connecticut Enacts Safe Harbor From Punitive Damages In Data Breach Cases
Jason Gavejian and Joseph Lazzarotti of JacksonLewis write: Effective October 1, 2021, Connecticut becomes the third state with a data breach litigation “safe harbor” law (Public Act No. 21-119), joining Utah and Ohio. In short, the Connecticut law prohibits courts in the state from assessing punitive damages in data breach litigation against a covered defendant…
Ca: Health unit privacy breach exposes email addresses of 500 residents of Kawartha Lakes, Northumberland, and Haliburton
KawarthaNOW reports: The Haliburton, Kawartha, Pine Ridge District Health Unit has reported a privacy breach, in which a mass email sent to around 500 residents in Kawartha Lakes, Northumberland, and Haliburton exposed their email addresses to anyone who received the email. Read more on KawarthaNOW
AIG unit must defend Texas retailer Landry’s in data breach case
Judy Greenwald reports: A federal appeals court reversed a lower court Wednesday and ruled an American International Group Inc. unit is obligated to defend a retailer in connection with a data breach. Houston-based Landry’s Inc., which operates retail properties including restaurants, hotels and casinos, discovered a data breach that occurred between May 2014 and December…
Fraud Family phishing-as-a-service disrupted in the Netherlands
Catalin Cimpanu reports: Police officers arrested a 24-year-old man from the city of Arnhem and a 15-year-old boy from the town of Loenen aan de Vecht. Investigators said the former developed the phishing kits, while the latter had been responsible for selling access to the tools developed by his partner. Police also searched the house…
California Breach Regulations Applicable to Health Care Facilities Align “Breach” Definition with HIPAA, Expand Reporting Obligations, and Clarify Penalty Structure
Jennifer Hennessy, Chloe Talbert, and Jennifer Urban of Foley Lardner write: California clinics, health facilities, home health agencies, and licensed hospices required to report breaches to the California Department of Public Health (CDPH) under California’s Health and Safety Code Section 1280.15 (Section 1280.15) are now subject to a new set of regulations. Section 1280.15, which has been in…