Aliya Sternstein reports: New sweeping defense contractor rules on hack notifications take effect today, adding to a flurry of Pentagon IT security policies issued in recent years. Just this month, the Office of Management and Budget proposed guidelines to homogenize the way vendors secure data governmentwide. The Defense Department had already released three other policies that dictate how military vendors…
Category: U.S.
Ninth Circuit overturns CFAA verdicts for misusing databases
Orin Kerr writes: The Ninth Circuit has handed down United States v. Christensen, a case that touches on a bunch of computer crime issues that include the scope of the Computer Fraud and Abuse Act (CFAA). The court overturned CFAA convictions for employee misuse of a sensitive database. I think that result is correct, although I’m…
Banks’ Class Certification Motion Trumpets Target Data Security Failings, Ignores Impact of Card Association Settlements
Kevin M. McGinty of Mintz Levin writes: Card-issuing banks are forging ahead with their lawsuit against Target arising from the 2013 holiday shopping season data breach. Their July 1 motion for class certification has just been unsealed, allowing a glimpse at plaintiffs’ version of the events during November and December 2013 that resulted in theft of payment…
OH: 7,664 families notified of recordings missing from Akron Children’s Hospital
WFMJ reports: Akron Children’s Hospital has notified 7,664 patient families, including some from the Boardman facility, that a hard drive of back-up transport voice recordings has been lost. According to a statement from the hospital, the hard drive contains voice recordings of communications between dispatchers and medical staff at community hospitals, physician offices and Akron Children’s…
UCLA Health breach notification results in confusion, more breaches?
The massive breach at UCLA Health was bad enough, but now it looks like their breach notification resulted not only in confusion, but a second HIPAA privacy breach. Lisa Zamosky reports: Steve Reasner recently learned that because he is a patient at UCLA Health, his personal information may now be in the hands of criminals….
U. of Oklahoma College of Medicine – Department of Obstetrics & Gynecology notified patients after laptop stolen from physician’s car
Statement issued by University of Oklahoma College of Medicine – Department of Obstetrics & Gynecology on July 2, 2015: OU Physicians is committed not only to providing quality care, but also to the proper handling and protection of its patients’ information. As part of its commitment to patient privacy, and out of an abundance of…