Federal – Page 49 – DataBreaches.Net

Executive Order on America’s Cybersecurity Workforce

Posted on May 3, 2019 by Dissent

Oh, I missed something yesterday. President Trump signed an Executive Order on America’s Cybersecurity Workforce. I can’t find it in the Federal Register yet, but you can read it here.

United Arab Emirates: New law regulating data in the health sector

Posted on May 3, 2019 by Dissent

DLA Piper writes: The United Arab Emirates (UAE) federal government has issued Federal Law No. 2 of 2019 on the Use of Information and Communication Technology (ICT) in Health Fields (“ICT Health Law”). The objectives of this law are to: ensure the optimal use of ICT in health fields; ensure safety and security of health…

New Requirements for FTC Data Security Settlements

Posted on May 3, 2019 by Dissent

Katherine E. Armstrong of Drinker Biddle & Reath LLP writes: Two of the Federal Trade Commission’s (FTC’s) most recent data security settlements include new requirements that go beyond previous data security settlements. The new provisions (1) require that a senior corporate officer provide to the FTC annual certifications of compliance and (2) specifically prohibit making…

SkyMed Medical Evacuation Membership Service Exposed Data of 137k Members

Posted on May 1, 2019 by Dissent

Jeremiah Fowler reports on another unsecured elasticsearch database that his firm has found: On March 27th I discovered an unsecured Elasticsearch database that contained what appeared to be members of a medical evacuation membership service. Upon further inspection of the data there were many references that the data allegedly belonged to Florida based SkyMed. It…

SEC Warns Advisers Over Privacy Compliance Issues

Posted on April 30, 2019 by Dissent

Craig A. Newman of Patterson Belknap writes: The Securities and Exchange Commission is warning investment firms to step up their game when it comes to following the agency’s privacy rules. In a Risk Alert issued by the Office of Compliance Inspections and Examinations (OCIE), a laundry list of compliance “deficiencies or weaknesses” were identified in…

HHS exercises enforcement discretion and reduces maximum civil penalties

Posted on April 27, 2019 by Dissent

Those who want to see HHS/OCR come down like a ton of bricks on more entities and impose heavier civil monetary penalties for HIPAA breaches will likely not be happy to learn that HHS has decided to reduce the maximum civil penalties it will impose for the four tiers of violations of HIPAA. Under the…