Phil Fairbanks reports: When the FBI uncovered a scammer targeting Wegmans two years ago, agents hacked into the suspect’s computer in an effort to learn his identity. The hacking, approved by a judge, involved an email and attachment that, when opened, connected the suspect’s computer to an FBI server. A new lawsuit in Buffalo federal…
Category: Federal
New China Guideline for Internet Personal Information Security Protection
Barbara Li and Bohua Yao report: On November 30, 2018 the Cyber Security Protection Bureau, under the auspices of the PRC Ministry of Public Security (the “MPS”), issued a draft Guideline for Internet Personal Information Security Protection (the “Guideline”) along with a request for public comments. Even though, upon reaching final form and taking effect, the…
FTC Calls For Data Breach Law To ‘Clarify’ Its Authority
Ben Kochman reports: The Federal Trade Commission has called on Congress to “clarify” its authority to regulate data breaches, while responding to the White House’s request for advice on how the administration should handle consumer privacy. In comments posted last week to the U.S. Department of Commerce‘s National Telecommunications and Information Administration, the FTC said…
Canadian Regulator Issues Final Guidance on New Data Breach Reporting Requirements
Hunton writes: On October 29, 2018, the Office of the Privacy Commissioner of Canada (the “OPC”) released final guidance (“Final Guidance”) regarding how businesses may satisfy the reporting and record-keeping obligations under Canada’s new data breach reporting law. The law, effective November 1, 2018, requires organizations subject to the federal Personal Information Protection and Electronic…
Is Your e-PHI Secure? ONC and OCR Update HIPAA Security Risk Assessment Tool
Valerie K. Jackson of Jackson Lewis writes: October 2018 marks the 15th annual National Cyber Security Awareness Month. In honor of this occasion, the Office of the National Coordinator for Health Information Technology (ONC) and the HHS Office for Civil Rights (OCR) have jointly launched an updated HIPAA Security Risk Assessment (SRA) Tool to help covered entities and…
House Financial Services Committee passes R.6743
Aaron Lancaster of BakerHostetler has a great privacy rewind for the week that includes action in Congress. He writes: House Committee Passes Federal Data Breach Notification Bill for Financial Institutions The House Financial Services Committee passed R. 6743, the Consumer Information Notification Requirement Act, which would require financial institutions to notify affected customers of a data…