Judy Skatssoon reports: Queensland is set to join NSW as the only other Australian state to introduce a mandatory data breach notification scheme. The state government says the Information Privacy and Other Legislation Amendment Bill 2023, introduced on October 12, contains reforms aimed at improving the accountability of government agencies and boosting privacy protections in…
Category: Legislation
FDA finalizes advice on cybersecurity info to include in device submissions
Jodi K. Scott, Lina Kontos, Randy Prebula, and Alex Smith of Hogan Lovells write: The U.S. Food and Drug Administration (FDA) has finalized its guidance on “Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions,” which advises medical device manufacturers on how to tighten cybersecurity measures in response to rapidly evolving online threats to…
Pennycuick Measure Providing Free Credit Monitoring for Data Breach Victims Approved by Pennsylvania Senate
Pennsylvania Senate Republicans write: The state Senate today approved bipartisan legislation sponsored by Sen. Tracy Pennycuick (R-24) to strengthen notification requirements for data breaches and provide affected citizens with free credit monitoring and a credit report. Senate Bill 824, introduced with Sen. Jimmy Dillon (D-5), would provide citizens affected by a data breach a free credit report…
Attorney General James Reaches Agreement with Marymount Manhattan College to Invest $3.5 Million to Protect Students’ Online Data
NEW YORK – New York Attorney General Letitia James today announced an agreement with Marymount Manhattan College (MMC), a private non-profit liberal arts college in New York City, to invest $3.5 million in data security to protect students’ online data. In 2021, MMC suffered a data breach that affected nearly 100,000 New Yorkers who were current…
DHS Pushes for Common Cyber Incident Reporting Definitions
Jose Rascon reports: The Department of Homeland Security (DHS) has released a new report looking to wrangle the different avenues in which the Federal government and its agencies report cyber incidents in a more ‘reportable’ fashion. The report, titled “Harmonization of Cyber Incident Reporting to the Federal Government” and released on Sept. 19, comes as…
OCR Presents: How the Security Rule Can Help Defend Against Cyber-Attacks
The HHS Office for Civil Rights (OCR) will be producing a pre-recorded webinar for HIPAA covered entities and business associates (collectively, “regulated entities”) discussing how the Security Rule can help regulated entities defend against cyber-attacks. The webinar will discuss real world cyber-attack trends from OCR breach reports and investigations and explore how implementation of appropriate…