Luca Bertuzzi reports: The proposal for a Cyber Resilience Act that will be presented next week will mandate baseline cybersecurity standards for all connected devices and stricter conformity assessment procedures for critical products, according to a draft seen by EURACTIV. The proposal is trying to address the widespread vulnerabilities in the booming Internet of Things (IoT)…
Category: Federal
OCR Settles Case Involving Decade-Long Improper Disposal of Protected Health Information
There is an enforcement update to an incident noted on this site in 2018. The incident that involved New England Dermatology P.C., d/b/a New England Dermatology and Laser Center (“NDELC”) was summarized by HHS in their resolution agreement and corrective action plan for this case: On May 11, 2021, NEDLC filed a breach notification report…
South Korea to ban 16 unregistered overseas crypto exchanges
FE Digital Currency reports: South Korea’s Financial Services Commission (FSC) has reported 16 foreign crypto exchanges to investigative agencies for violating the Specific Financial Information Act, Cryptoslate reported quoting news1. As per the report, the 16 companies have reportedly been offering crypto services to Koreans and conducting events geared toward Koreans despite the law prohibiting…
US regulator urges MFA and puts banks on notice – not reasonably protecting data is illegal
Jim Nash reports: A U.S. consumer finance regulator has published a circular warning that insufficient security for consumer biometric and other personal data is illegal under federal law. Multi-factor authentication is singled out as a method of making data security sufficient. Anyone reading that who still thinks it will never happen to them is invited…
Malaysian minister says amendments to PDPA in the works after repeated data breached
Yiswaree Palansamy reports: Communications and Multimedia Minister Tan Sri Annuar Musa today said that several amendments to Act 709 of the Personal Data Protection Act (PDPA) 2010 are in the pipeline to strengthen the law, after a series of personal data breaches in the country this year. […] “For information, among the proposed amendments would…
Federal Bill Would Broaden FTC’s Role in Cybersecurity and Data Breach Disclosures
Kristin L. Bryan and Jeffrey L. Turner of Squire Patton Boggs write: Last week, the House Energy and Commerce Committee advanced H.R. 4551, the “Reporting Attacks from Nations Selected for Oversight and Monitoring Web Attacks and Ransomware from Enemies Act” (“RANSOMWARE Act”). H.R. 4551 was introduced by Consumer Protection and Commerce Ranking Member Gus Bilirakis…