Breach Laws – Page 21 – DataBreaches.Net

HIPAA Enforcement by State Attorneys General

Posted on January 22, 2021 by Dissent

HIPAA Journal has a nice recap of of HIPAA enforcement actions by states attorney general. You can read it here.

An Overview of Cybersecurity Law in Taiwan

Posted on January 21, 2021 by Dissent

John Eastwood, Nathan Snyder, Wendy Chu, David Rosenthal and Lloyd G. Roberts III of Eiger write: 1. GOVERNING TEXTS In Taiwan, there are two main branches of legislation pertaining to information security: legislation on cybersecurity and legislation protecting personal data. While the information security aspects of personal data protection legislation (mainly the PDPA) only apply…

EDPB Publishes Guidelines on Examples regarding Data Breach Notification

Posted on January 20, 2021 by Dissent

Hunton Andrews Kurth writes: On January 18, 2021, the European Data Protection Board (“EDPB”) released draft Guidelines 01/2021 on Examples regarding Data Breach Notification (the “Guidelines”). The Guidelines complement the initial Guidelines on personal data breach notification under the EU General Data Protection Regulation (“GDPR”) adopted by the Article 29 Working Party in February 2018. The new draft…

Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers

Posted on January 12, 2021 by Dissent

A Proposed Rule by the Comptroller of the Currency, the Federal Reserve System, and the Federal Deposit Insurance Corporation on 01/12/2021 This document has a comment period that ends in 90 days. (04/12/2021). You can submit a formal comment on it. Summary: The OCC, Board, and FDIC (together, the agencies) invite comment on a notice of proposed rulemaking (proposed rule or…

OCR Releases Report Summarizing HIPAA Privacy and Security Compliance Failures

Posted on January 9, 2021 by Dissent

Joseph J. Lazzarotti and Maya Atrakchi of JacksonLewis write: In the final days of 2020, the Office for Civil Rights (OCR) at the U.S. Health and Human Service (HHS) released a HIPAA Audits Industry Report (“the Report”), that could be quite helpful to covered entities and business associates for tackling HIPAA compliance as we enter the new…

Australian Digital Health Agency sees ‘inconsequential’ My Health Record data breach notices eroding trust

Posted on January 8, 2021 by Dissent

Ry Crozier reports: The Australian Digital Health Agency, overseer of the My Health Record, has expressed concern at the number and type of “potential” data breaches it is being forced to disclose. In a submission to the Privacy Act review [pdf], the agency (ADHA) asks for changes to the My Health Records Act under which…