Vishal Raghavan has an opinion piece in The Leaflet about the failure of Indian firms to notify customers of breaches or to be held accountable and fined monetarily by regulators. He begins by reviewing a number of high-profile breaches reported in the last year or so, and the notes that all of the companies didn’t…
Category: Breach Laws
Alibaba Cloud data leak ‘violated Cybersecurity Law’ in 2019 and must rectify, local Chinese telecoms regulator says
Coco Feng reports: The telecoms authority of China’s eastern Zhejiang province has told the cloud computing unit of Alibaba Group Holding that it violated the country’s Cybersecurity Law and should make rectifications following a complaint about a 2019 information leak. In a letter dated July 5, the Zhejiang Communications Administration (ZCA) said it found Alibaba Cloud “disclosed…
Bits ‘n Pieces
Aultman Health Foundation Notifying Patients of Insider-Wrongdoing The Ohio foundation is notifying approximately 7,000 patients that a former employee accessed their records without business need. HOYA Optical Labs of America Notifying Patients of Ransomware Incident As first reported by HealthITSecurity, the Japanese-headquartered firm notified 3,259 U.S. patients of a ransomware incident. The incident occurred in…
SmartSearch issues warning over risk of GDPR breach
admin posted: Anti-money laundering specialist SmartSearch said regulated businesses in the housing chain which are relying on manual customer records risk non-compliance more than three years after the GDPR laws came into force in the UK. John Dobson, CEO at SmartSearch explained even after this time had lapsed a lot of firms did not have…
Maine and North Dakota Are Latest States to Adopt the NAIC Data Security Model Law
Deborah George of Robinon + Cole writes: Two more state governors, those of Maine and North Dakota, have signed bills into law that adopt the National Association of Insurance Commissioners (NAIC) data security model law (Model Law). Maine and North Dakota join several other states that have already passed similar laws. Hawaii, Idaho, Illinois, Iowa,…
SG: Revised Guides on Managing Data Breach and Active Enforcement Now Available
An announcement from the Personal Data Protection Commission of Singapore: The PDPC has updated Guide to Managing Data Breaches 2.0 (now known as the Guide on Managing and Notifying Data Breaches under the PDPA) with details of the mandatory data breach notification requirement under the PDPA. Access the Guide here. The Guide on Active Enforcement has…