There is an enforcement update to an incident noted on this site in 2018. The incident that involved New England Dermatology P.C., d/b/a New England Dermatology and Laser Center (“NDELC”) was summarized by HHS in their resolution agreement and corrective action plan for this case: On May 11, 2021, NEDLC filed a breach notification report…
Category: Federal
South Korea to ban 16 unregistered overseas crypto exchanges
FE Digital Currency reports: South Korea’s Financial Services Commission (FSC) has reported 16 foreign crypto exchanges to investigative agencies for violating the Specific Financial Information Act, Cryptoslate reported quoting news1. As per the report, the 16 companies have reportedly been offering crypto services to Koreans and conducting events geared toward Koreans despite the law prohibiting…
US regulator urges MFA and puts banks on notice – not reasonably protecting data is illegal
Jim Nash reports: A U.S. consumer finance regulator has published a circular warning that insufficient security for consumer biometric and other personal data is illegal under federal law. Multi-factor authentication is singled out as a method of making data security sufficient. Anyone reading that who still thinks it will never happen to them is invited…
Malaysian minister says amendments to PDPA in the works after repeated data breached
Yiswaree Palansamy reports: Communications and Multimedia Minister Tan Sri Annuar Musa today said that several amendments to Act 709 of the Personal Data Protection Act (PDPA) 2010 are in the pipeline to strengthen the law, after a series of personal data breaches in the country this year. […] “For information, among the proposed amendments would…
Federal Bill Would Broaden FTC’s Role in Cybersecurity and Data Breach Disclosures
Kristin L. Bryan and Jeffrey L. Turner of Squire Patton Boggs write: Last week, the House Energy and Commerce Committee advanced H.R. 4551, the “Reporting Attacks from Nations Selected for Oversight and Monitoring Web Attacks and Ransomware from Enemies Act” (“RANSOMWARE Act”). H.R. 4551 was introduced by Consumer Protection and Commerce Ranking Member Gus Bilirakis…
Russian Ministry for Digital Development proposes turnover fines for data breaches
RAPSI News reports: The Ministry for Digital Development, Communications and Mass Media of the Russian Federation is preparing a bill on turnover-based fines for the personal data breach. This additional responsibility is to put business up to invest in the development of the information safety infrastructure and the personal data protection, a statement released on…