Everyone has their own definition of a good day. Mine includes preventing breaches of patient medical information. Today qualifies as a good day, thanks to Project Insecurity. OpenEMR is open source software for managing electronic medical records (EMR) and other practice management functions. According to Wikipedia, OpenEMR is one of the most popular free electronic medical…
Category: Commentaries and Analyses
SEC Fines Mizuho for Failing to Protect Customer Data
Peter A. Kurtz and Craig A. Newman write: It is not enough for companies to establish policies and procedures designed to prevent the misuse of material nonpublic information. Companies must also enforce those policies and procedures. That’s the lesson from the U.S. Securities and Exchange Commission’s recent settlement with Mizuho Securities USA LLC (“Mizuho”), a broker-dealer,…
11th Circuit Decision in LabMD Case Could Have Repercussions Beyond the FTC
F. Paul Greene and Daniel J. Altieri consider the landscape after the 11th Circuit’s decision in the LabMD case, noting the state-level Unfair and Deceptive Acts and Practices (“UDAP”) laws and The Nationwide Assurance of Voluntary Compliance may become more prominent as tools for data security enforcement actions. They write, in part: The Nationwide Assurance…
University of Wisconsin system audit reveals risk of cyber attacks, student data at risk
A state audit finds the UW System could be an easy target for cyber attacks or hacks if changes are not made to information technology (IT) security systems. Auditors found risks to accounting, payroll and student data. The UW System has until the end of August to submit plans to the Joint Legislative Audit Committee…
Data leaks at 2 Thai banks spark call for legal safeguards
Cyber-security experts have urged the government to quickly strengthen legal safeguards by adding measures to prevent data leaks after the computer systems of two major Thai banks were hacked recently. According to the Bank of Thailand (BOT) on Wednesday, the computer systems of Kasikornbank (Kbank) and Krungthai Bank (KTB) were compromised in the attacks, affecting…
Leaked chats show alleged Russian spy seeking hacking tools
Just catching up with this great report by Ralph Satterson and Matthew Bodner of AP. It provides a great example of how innocent researchers need to remain vigilant about being played by spies. Six years ago, a Russian-speaking cybersecurity researcher received an unsolicited email from Kate S. Milton. Milton claimed to work for the Moscow-based…