Commentaries and Analyses – Page 509

The 3 Biggest Data Security Takeaways From The 11th Circuit Decision In FTC v. LabMD

Posted on October 16, 2018 by Dissent

After providing some history the LabMD enforcement action by FTC, and the former’s appeal to the 11th Circuit, Tom Kulik of Scheef & Stone, LLP outlines what he considers the three biggest data security takeaways from the case. You can read his article on Above the Law.

Infidelity dating site Ashley Madison still gets thousands of new users every day — here’s why

Posted on October 13, 2018 by Dissent

Lindsay Dodgson reports: If you sign up to Ashley Madison, you don’t have to think about what you’re doing as cheating, but “outsourcing your sex life.” “In 2018 we expect our life partners are going to be everything to us — they’ve got to be my best friend, they’ve got to be sexually compatible, they…

Escaping Notice, by Laying Low

Posted on October 11, 2018 by Dissent

HIPAA lawyer Matt Fisher has a thoughtful commentary inspired by an OCR investigation first reported on this site. Unlike the FTC who have tended to demand 20-year monitoring plans as part of their settlements with entities that have data security breaches, OCR tends to use a more educative approach without monetary penalties or long-term monitoring in…

Two years after ‘trauma’ of hack, DNC builds a tech team with a veteran bench

Posted on October 9, 2018 by Dissent

Tim Johnson reports: The digital operations team at the Democratic National Committee hit some dark days after Russian hackers mauled their networks in 2016, hijacking dozens of computers and pilfering tens of thousands of emails to hand over to WikiLeaks and onto the internet. Remnants of that digital bruising linger. “I feel like everyone’s still…

MedCall Advisors suffers second data leak in less than one month

Posted on October 8, 2018 by Dissent

A few weeks ago, DataBreaches.net reported on a leaky Amazon S3 bucket owned by MedCall Advisors in North Carolina. The leak, which exposed approximately 3,000 patients’ protected health information, was discovered by UpGuard, who published a number of redacted screenshots to document the leak. Their detailed report also noted how Randy Baker, the CEO of MedCall…

An OCR investigation illustrates the value of investigating small and medium-sized entities

Posted on October 8, 2018 by Dissent

One of the common themes in discussing security is that many organizations are not “mature” yet. And of course, as HIPAA recognizes in its security rule, smaller practices should not be expected to do everything you might expect a larger hospital system to do. But even small or medium-sized entities need to comply with the core…