R. Loheswar reports: Continued breaches exposing Malaysians’ private information at government agencies meant the Personal Data Protection Act (PDPA) should be amended to finally make these accountable, said legal experts. In its current form, the PDPA only covers commercial entities and transactions, exempting both the federal and state governments from its rules and principles, including…
Category: Breach Laws
Ie: Data Protection Commission publishes 2022 Annual Report
Commissioner for Data Protection, Helen Dixon, has today launched the Irish Data Protection Commission’s Annual Report for 2022. Highlights of the 2022 Annual report include: The DPC concluded 17 Large-Scale inquiries, with administrative fines in excess of €1billion and multiple reprimands and compliance orders imposed. Additionally, as at 31 December 2022, 4 DPC draft decisions…
Updates to the Gramm-Leach-Bliley Act Cybersecurity Requirements
POSTED DATE: February 09, 2023 AUTHOR: Federal Student Aid ELECTRONIC ANNOUNCEMENT ID: GENERAL-23-09 SUBJECT: Updates to the Gramm-Leach-Bliley Act Cybersecurity Requirements On December 9, 2021, the Federal Trade Commission (FTC) issued final regulations (Final Rule) to amend the Standards for Safeguarding Customer Information (Safeguards Rule), an important component of the Gramm-Leach-Bliley Act’s (GLBA) requirements for protecting the…
Au: AMA calls for stronger laws to protect patient data
Fat Niebres reports: The Australian Medical Association (AMA) has called for stronger safeguards to protect patient data, saying laws must be in place to prevent security breaches and the use of health data to boost private profits. In a new position paper, the AMA pointed out the need for a broader national discussion on health…
A Tale of Two Breach Notification Rules
Matt Fisher writes: The early days of February 2023 saw two very different settlements announced related to healthcare data breaches. One arguably follows a well-known course and the other could be a sign of things to come. After having a health breach notification rule on the books since 2009, the Federal Trade Commission (“FTC”) had…
UK: Counter-attacking ransomware hackers
Thomas Rudkin of Farrer & Co writes: There is a developing line of cases in England & Wales where those who have been subject to a ransomware attack take action against the hackers through the civil courts. The question is why bother and what is the best way to go about this if that is…