Joseph J. Lazzarotti of JacksonLewis writes: Today, the U.S. Department of Labor’s Employee Benefits Security Administration (EBSA) issued much anticipated cybersecurity guidance for employee retirement plans. This comes more than four and a half years after the ERISA Advisory Council, a 15-member body appointed by the Secretary of Labor to provide guidance on employee benefit plans, shared with the…
Category: Federal
Report: Draft Executive Order to Require Software Vendors to Notify Federal Customers of Cyber Breaches
Jane Edwards reports: A draft of an executive order would direct software companies to inform federal agency clients in the event of a cyber attack within their organizations, keep more digital records and work with the Cybersecurity and Infrastructure Security Agency and the FBI on incident response efforts, Reuters reported Friday. The order would require multifactor authentication…
SG: Revised Guides on Managing Data Breach and Active Enforcement Now Available
An announcement from the Personal Data Protection Commission of Singapore: The PDPC has updated Guide to Managing Data Breaches 2.0 (now known as the Guide on Managing and Notifying Data Breaches under the PDPA) with details of the mandatory data breach notification requirement under the PDPA. Access the Guide here. The Guide on Active Enforcement has…
Human rights lawyers ask Australia’s ‘hacking’ Bill be redrafted
Asha Barbaschow reports: Human Rights Law Centre and the Law Council of Australia have asked that the federal government redraft the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020, calling its contents “particularly egregious” and “so broad”. The Bill, if passed, would hand the Australian Federal Police (AFP) and the Australian Criminal Intelligence Commission (ACIC)…
At House SolarWinds hearing, bipartisan lawmakers announce breach disclosure bill
Joe Uchill reports: At a joint hearing of the House Oversight and Homeland Security Committee about the SolarWinds-related espionage campaign, Rep. Michael McCaul, R-Texas, said that he and Rep. Jim Langevin, D-R.I., are working on legislation to require companies to notify the federal government after similar breaches. The Friday House hearing was the second hearing of…
French Regulator Lambasts Health Firms Over Mass Data Leak
Helene Fouquet reports: France’s privacy watchdog said it’s investigating the leak of sensitive health data on half a million people and said the companies involved could face heavy penalties if they don’t come forward with details of the breaches. The leaks were of “particularly significant magnitude and severity,” the CNIL said in a statement. Hackers may have…