Marianne Kolbasuk McGee of HealthInfoSec poses a question about why Change Healthcare’s report to HHS indicated that 500 patients were affected when they already admitted that there were millions. Why use such a low placeholder instead of a higher number when it has been months since they discovered the breach and they must have some…
Category: Breach Laws
Malaysia introduces data breach notification system to combat scams
The Malaysian Reserve reports: Malaysia has introduced a Data Breach Notification system for immediate reporting and mitigation of data leaks to prevent citizens from becoming victims of scammers, Deputy Communications Minister Teo Nie Ching said. She said this notification must be submitted by data users who are experiencing personal data leakage incidents, including hacking threats….
Invasion of the Data Snatchers: B.C. Court of Appeal Clarifies Possible Scope of Privacy Claims Against Data Custodians in Data Breaches
Lyann Danielak, Joshua Hutchinson, and Robin Reinertson of Blake, Cassels & Graydon LLP write: On July 4, 2024, the B.C. Court of Appeal issued a duo of class action appeal decisions considering the potential scope of statutory and common law privacy claims against data custodians that fall victim to cyberattacks in data breach cases. In…
New Pennsylvania law will offer added protections for victims of data breaches and new reporting requirements
NCPA reports: Harrisburg, Pa. — A new state law will help protect consumers impacted by data breaches. Act 33 of 2024 requires an impacted organization to provide a free credit report and one year of credit monitoring to affected consumers. It also strengthens notification requirements and mandates notification of the Pennsylvania Office of Attorney General if a data…
Impact of Tennessee’s Cybersecurity Class Action Safe Harbor
Here are some perspectives by law firms. From SheppardMullin: Tennessee has joined a handful of other states to provide certain safe harbors in the cybersecurity realm. Unlike others, the law sites beside -but does not modify- the states’ data breach notification law. Also unlike others, the safe harbor is very narrowly tailored, and is not triggered by…
FCC Enforcement Bureau Settles With Liberty Latin America for Data Breach Notification Violations
Full Title: In the Matter of Liberty Latin America Limited, Liberty Mobile Puerto Rico Inc., Liberty Mobile USVI Inc. Document Type: Consent Decree Order Bureau(s): Enforcement Description FCC EB settles with Liberty for $100K civil penalty resolving an investigation into whether Liberty failed to report a data breach in a timely manner as required and failed…