Thomas S. Markey writes: On Feb. 19, a bill was introduced in the Pennsylvania Senate proposing to amend the Pennsylvania Breach of Personal Information Notification Act to add new breach notification requirements for state agencies and political subdivisions of the commonwealth. Enacted in 2005, the act (73 P.S. Section 2301 et seq.) applies to commonwealth…
Category: U.S.
FTC says it only has 40 employees overseeing privacy and data security
Harper Neidig reports: The Federal Trade Commission (FTC) on Wednesday told Congress that it only has 40 full-time employees dedicated to overseeing internet privacy and data security and requested lawmakers give the agency more resources to adequately police tech companies. FTC Chairman Joseph Simons, a Republican appointed by President Trump, wrote in a letter to…
Georgia Tech says data breach exposed info of 1.3 million people Updated: Apr 2, 2019 – 12:21 PM
WSB-TV reports: Georgia Tech says more than a million people’s personal information may have been exposed after someone gained “unauthorized access” to a web application. Officials said the breach impacts 1.3 million people, including “some current and former faculty, students, staff and student applicants.” They do not know what information was taken from the system,…
Michigan practice folds after cyberattackers wipe out all their files
On March 29, WWMT in Michigan reported: Hacked and held for ransom by a computer virus, a doctor’s office in Battle Creek was forced to close its doors after, doctors said, they refused to pay and their entire system was wiped out. Dr. William Scalf told Newschannel 3 ransomware locked up the system at Brookside…
HHS security policies should focus on incentives, not penalties, health IT leaders say
Heather Landi reports: The federal government needs to provide more resources and incentives to help healthcare organizations better protect their IT systems and data from cyberattacks, according to health IT security leaders. Currently, the Department of Health and Human Services’ privacy and security standards are too focused on compliance and are unduly punitive to healthcare…
One month later, Taos Municipal Schools District still working to recover from ransomware attack
Jesse Moya has an update on the Taos Municipal Schools District ransomware incident that occurred on February 28. On March 22, we had reported that three weeks later, the district was still working on recovering from the attack. As of March 28, they have continued to make progress, but they have not totally restored everything…