Commentaries and Analyses – Page 231

The high cost of mishandling data breaches, security reporting for financial services

Posted on January 27, 2022 by Dissent

Karen Hoffman reminds readers of the costs of poor security, reporting, in part: Last month, the U.S. Securities and Exchange Commission (SEC) fined Chase $125 million due to employees’ insecure practices, namely using WhatsApp and personal email accounts to transact official business, thus not adhering to SEC record-keeping requirements. Additionally, under a separate enforcement action,…

Proposed settlement reached in lawsuit against Excellus

Posted on January 24, 2022 by Dissent

One year after Excellus settled with OCR over a 2015 data breach, there is now a proposed settlement in a class action lawsuit that was filed in response to the breach. The terms of the settlement, which have not yet been approved by the court, do not involve paying even one dime to class members….

Revised Health Breach Notification Rule resources spell out companies’ legal obligations

Posted on January 21, 2022 by Dissent

Lesley Fair writes: Shoppers can find a plethora of apps, trackers, and sensors that hold or capture almost every conceivable form of personal health information. If your business or nonprofit offers products like that or provides certain services to entities that do – and you aren’t subject to HIPAA – you may be covered by…

HHS Brief: Log4J Vulnerabilities and the Health Sector

Posted on January 21, 2022 by Dissent

The HHS Cybersecurity Program has issued a new brief this week: Log4J Vulnerabilities and the Health Sector You can access it at https://www.hhs.gov/sites/default/files/log4j-vulnerabilities-health-sector.pdf

New Loop: Data Breach to Lawsuit

Posted on January 21, 2022 by Dissent

Matt Fisher writes: A recurring pattern has developed when it comes to data breaches. The first part of the pattern is that healthcare is under constant cyber attacks that challenge security measures while aiming to get access to private and sensitive information within the systems. The prevalence of data breach notifications underscores how frequently security…

The Governor Who Thinks Examining HTML Is Criminal Hacking Is Now Working To Make Missouri’s Public Records Laws Worse

Posted on January 21, 2022 by Dissent

I wasn’t sure which of my sites this post by Tim Cushing belongs on, so I’m posting it to both, because the public needs to see what the government is doing to erode transparency and rights. Tim writes: Missouri Governor Mike Parson is perhaps best known these days for trying to convert a right-click menu option into…