Hunton Andrews Kurth writes: On April 29, 2021, China issued a second version of the draft Personal Information Protection Law (“Draft PIPL”). The Draft PIPL will be open for public comments until May 28, 2021. While the framework of this version of the Draft PIPL is the same as the prior version issued on October 21, 2020,…
Author: Dissent
Scraping Episodes Highlight Debate Over Anti-Hacking Law’s Scope
Andrea Vittorio reports: Recent data scraping incidents at Facebook Inc. and LinkedIn Corp. highlight an ongoing debate over whether companies can invoke an anti-hacking law to restrict rivals or other actors from harvesting information from people’s online profiles. The issue could reach the U.S. Supreme Court, in a case over a data-scraping dispute between LinkedIn and workforce…
CaptureRx – Notice of Data Incident (Update 3)
NOTE: This post is no longer being updated. Please see this article for updates on this incident. Update of May 17: Add Ascension Standish Hospital (1705} and Ascension St. Joseph Hospital (5807). Update of May 12: Add Walmart to your list of covered entities who had patients impacted by the CaptureRx breach. CaptureRx notified them…
UK: College cyber-attack is still causing problems
Murray Macleod reports: A major cyber-attack on the University of the Highlands and Islands has still not been resolved — two months after it was first reported. Police investigations into the ransom demand — which was rejected and subsequently triggered a series of network problems — is continuing. The size of the demand is not being…
Orthopedic Associates of Dutchess County notifies more than 330,000 patients of breach
On March 5, Orthopedic Associates of Dutchess County in New York (“OADC”) became aware of suspicious activity involving its systems. Their investigation determined that an unauthorized actor gained access to certain OADC systems on or about March 1, 2021, encrypted files, and then claimed to have removed and/or viewed certain files. According to the notification…
A breach of patient information included limited data on 17,655 patients of Faxton St. Luke’s Healthcare.
WKTV reports that Faxton St. Luke’s Healthcare has disclosed that almost 18,000 of its patients were impacted by a breach at its business associate, CaptureRx. The breach occurred on February 6, and Faxton was notified on March 30. Investigation revealed that the types of ePHI included: First Name, Last Name, Date of Birth, Prescription Information,…