From Bloomberg Law: A Virginia health-care system will have to answer claims that it is liable for its employees’ snooping into a patient’s confidential health information. A Virginia trial court shouldn’t have dismissed Lindsey Parker’s complaint alleging Carilion Healthcare Corp. and Carilion Clinic should be held liable for their employees’ wrongdoing, the Virginia Supreme Court…
Category: Commentaries and Analyses
Litigation Options For Post-Cyberattack ‘Active Defense’
Alexander Berengaut and Tarek Austin of Covington & Burling write: In March 2017, Rep. Tom Graves, R-Ga., introduced a draft bill titled the Active Cyber Defense Certainty Act. The bill would amend the Computer Fraud and Abuse Act to enable victims of cyberattacks to employ “limited defensive measures that exceed the boundaries of one’s network…
Central New York Schools Struggle with Ongoing Cyberattacks
Elizabeth Doran reports: More than 50 Central New York school districts have been hit with nine cyber attacks so far this year, the most recent attack occurring on Oct. 4, U.S. Sen. Chuck Schumer said today. Schumer, speaking at the Central New York Regional Information Center in in DeWitt today, said he is sending a…
Massive data leak affecting Arik Air customers; company slow to respond: Paine
Oladeinde Olawoyin reports: Millions of customers flying Nigeria’s foremost airline, Arik Air, may have had their data leaked as details emerged on Wednesday that the airline’s data were found in exposed and vulnerable Amazon S3 buckets. According to Justin Paine, Head of Trust & Safety at Cloudflare, there is a bucket containing a large number…
Third of US data breaches happen in hospitals
Anthony Spadafora reports: After a recent series of aggressive phishing attacks on NHSmail, cyber security provider Cofense has compiled a new report using shared US client data to reveal how much of a danger future phishing attacks could become in the UK. The report, entitled Say Ah: A Closer Look at Phishing in the Healthcare…
Is Your e-PHI Secure? ONC and OCR Update HIPAA Security Risk Assessment Tool
Valerie K. Jackson of Jackson Lewis writes: October 2018 marks the 15th annual National Cyber Security Awareness Month. In honor of this occasion, the Office of the National Coordinator for Health Information Technology (ONC) and the HHS Office for Civil Rights (OCR) have jointly launched an updated HIPAA Security Risk Assessment (SRA) Tool to help covered entities and…