Jennifer Hennessy and Christopher Taylor of Foley & Lardner write: In an important development for HIPAA-regulated entities looking for practical assistance in understanding, implementing, and enhancing compliance with the HIPAA Security Rule, the National Institute of Standards and Technology (NIST) has finalized its comprehensive guidance, Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A…
Category: U.S.
An Update on the SEC’s Cybersecurity Reporting Rules
Hunton Andrews Kurth write: As we pass the two-month anniversary of the effectiveness of the U.S. Securities and Exchange Commission’s (“SEC’s”) Form 8-K cybersecurity reporting rules under new Item 1.05, this blog post provides a high-level summary of the filings made to date. Six companies have now made Item 1.05 Form 8-K filings. Three of these companies also…
Maryville Addiction Treatment Centers Victim Of Data Breach
Jon Craig reports: Maryville, a nonprofit addition agency, is offering credit monitoring services for those who may have had their Social Security numbers and other private details exposed as a result of the incident, according to spokesman Bill Crowe. The centers affected are in Williamstown, Turnersville, Pemberton, Vineland and Franklinville. Read more at Camden Daily…
Change Healthcare responding to cyberattack; few details known at this point
Early yesterday, Change Healthcare reported that they were experiencing enterprise-wide connectivity issues. They didn’t call it a cyberattack at that point, but by mid-day, their status reports were indicating that they were experiencing “a network interruption related to a cyber security issue.” A few hours later, they added a statement, “Once we became aware of…
Hack at Services Firm Hits 2.4 Million Eye Doctor Patients
Marianne Kolbasuk McGee reports: Medical Management Resource Group, which does business as American Vision Partners, works with – and “shares” a management system, IT and infrastructure with – 12 practices, according to its website. The incident involved the hack of a network server and affected more than 2.35 million individuals, the company said in a…
Data Breach Putative Class Action Questions Whether Broker Was Swift Enough in Notice and Response
Andrea DeField and Matthew J. Revis of Hunton Andrews Kurth write: While America was tuned into the big game, one California insurance broker faced its own treacherous showdown in the form of a putative class action filed on February 8, 2024 stemming from a data breach. With cyber incidents still on the rise, this is a story…