Justin Hendry reports: Queensland has become only the second state to legislate a mandatory data breach notification scheme for public sector entities, as an almost identical scheme comes into effect in New South Wales. The Information Privacy and Other Legislation Amendment Bill 2023 passed through the Queensland state Parliament on Wednesday, less than two months…
Category: Federal
FCC adopts new rules to protect consumers from SIM-swapping attacks
Sergiu Gatlan reports: The Federal Communications Commission (FCC) has revealed new rules to shield consumers from criminals who hijack their phone numbers in SIM swapping attacks and port-out fraud. FCC’s Privacy and Data Protection Task Force introduced the new regulations in July. They are geared toward thwarting scammers who seek to access personal data and information…
Australian Privacy Regulator Sues in MedLab Pathology Data Breach Case
Hunton Andrews Kurth writes: Patrick Gunning from King & Wood Mallesons reports that, on November 2, 2023, the Australian Information Commissioner filed proceedings in the Federal Court of Australia against Australian Clinical Labs Limited seeking a civil penalty (i.e., a fine) in connection with the company’s response to a data breach that occurred in February…
UK: Nearly £2 million of stolen cryptocurrency to be paid back to victims
An interesting press release from the South East Regional Organised Crime Unit (SEROCU): Around £1.9 million worth of stolen cryptocurrency is to be paid back to victims of theft as a result of work by the South East Regional Organised Crime Unit (SEROCU). On 27 January this year, 40-year-old Wybo Wiersma, of Het Weike, Goredijk,…
October 31: OCR Webinar on The HIPAA Security Rule Risk Analysis Requirement
From HHS OCR: OCR Webinar on The HIPAA Security Rule Risk Analysis Requirement Threats and vulnerabilities to electronic protected health information (ePHI) in today’s healthcare environment are numerous and varied. ePHI is under constant threat from malicious insiders selling PHI for financial gain, sophisticated hackers seeking to compromise healthcare systems and blackmail them with ransomware,…
AU: ASIC modifies licensees’ breach reporting obligations
Rachel Walker and Elouise Casey of Dentons write: Failure to comply with the mandatory breach reporting regime is arguably the canary in the coal mine for regulatory compliance to Australian Securities and Investments Commission (ASIC). We are expecting ASIC’s second annual report on the regime to be published very shortly, and we expect compliance has not…