Kenny Chee reports: The number of data breach alerts Singapore’s data protection watchdog received tripled in the February-March period compared with the previous two months. This comes amid a string of potential personal data leaks reported in recent months. Legal and information technology security experts said the increase could have been due to a new data breach…
Category: Federal
Implementing the HIPAA Security Rule: Call for Comments on NIST SP 800-66, Revision 1
Implementing the HIPAA Security Rule: Call for Comments on NIST SP 800-66, Revision 1 The National Institute for Standards and Technology (NIST) is planning to update the NIST Special Publication (SP) 800—66, Revision 1, An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule (“Resource Guide”). NIST is seeking stakeholder input…
White House Urged to Address Surge in Ransomware Attacks
Kartikay Mehrota reports: Cybersecurity experts, law enforcement agencies and governments urged the White House to root out safe havens for criminals engaging in ransomware and step up regulation of cryptocurrencies, the lifeblood of hackers, in the hopes of controlling a growing wave of attacks. These are two of 48 recommendations made by a task force…
Supreme Court holds that monetary relief is unavailable under Section 13(b) of the Federal Trade Commission Act
Brian Wolfman notes: The first paragraph of the Court’s unanimous opinion in AMG Capital Management v. FTC sums it up: Section 13(b) of the Federal Trade Commission Act authorizes the Commission to obtain, “in proper cases,” a “permanent injunction” in federal court against “any person, partnership, or corporation” that it believes “is violating, or is about to…
Bank Groups Object to Proposed Breach Notification Regulation
Doug Olenick reports: The American Bankers Association and three other groups have voiced objections to provisions in a cyber incident notification regulation for banks proposed by three federal agencies. For example, they say that the definition of a reportable “computer security incident” is too broad and would result in the reporting of insignificant events. The…
DOL Issues Cybersecurity Best Practices for ERISA Covered Retirement Plans
Joseph J. Lazzarotti of JacksonLewis writes: Today, the U.S. Department of Labor’s Employee Benefits Security Administration (EBSA) issued much anticipated cybersecurity guidance for employee retirement plans. This comes more than four and a half years after the ERISA Advisory Council, a 15-member body appointed by the Secretary of Labor to provide guidance on employee benefit plans, shared with the…