From Hogan Lovells: The rapid development of data protection laws across the Asia-Pacific region indicates significant movement toward certain standards, albeit with notable local policy variations across multiple areas. Our Asia-Pacific Data, Privacy, and Cybersecurity Guide 2025 will explore these developments, key initiatives in major APAC jurisdictions, and the implications of an ever-changing regulatory landscape….
Category: Breach Laws
Australian ransomware victims now must tell the government if they pay up
Alexander Martin reports: Australia became on Friday the first country in the world to require victims of ransomware attacks to declare to the government any extortion payments made on their behalf to cybercriminals. The law, initially proposed last year, only applies to organizations with an annual turnover greater than AUS $3 million ($1.93 million) alongside a smaller…
HHS OCR Settles HIPAA Security Rule Investigation of BayCare Health System for $800k and Corrective Action Plan
HHS OCR has settled another enforcement action involving the HIPAA Security Rule. From their press release yesterday, it sounds like an insider wrongdoing case. In its formal resolution agreement, the government states that on October 23, 2018, OCR received a complaint alleging that on October 8, 2018, an unknown third party accessed her printed and…
FTC Finalizes Order with GoDaddy over Data Security Failures
The Federal Trade Commission has finalized an order with GoDaddy settling allegations that the webhosting provider misled consumers by failing to implement data security protections, which led to several data breaches. The FTC alleged in January 2025 that despite claiming it provides “award-winning security,” GoDaddy failed to implement standard data security tools and practices to protect customers’…
HHS Office for Civil Rights Settles HIPAA Cybersecurity Investigation with Vision Upright MRI
On March 10, 2025, Vision Upright MRI notified HHS of a breach affecting 23,031 patients, but there was nothing posted on their website to explain the breach. A press release issued by HHS today provides some explanation for the incident that involved the medical images of 21,778 patients. From their release: OCR initiated a compliance…
Treasury agrees to block additional DOGE staff from accessing sensitive payment systems
Suzanne Smalley reports: The Treasury Department has agreed to temporarily block all but two members of the Trump administration’s Department of Government Efficiency (DOGE) team from accessing sensitive payment records and to limit their access to “read-only,” according to a Wednesday court filing. The DOGE workers allowed to continue accessing Treasury’s payment systems are Tom…