From a press release from the NYS Attorney General’s Office today: New York Attorney General Letitia James today secured $350,000 from a Long Island-based home health care company, Personal Touch Holding Corporation (Personal Touch), for failing to protect vulnerable New Yorkers’ personal information and health care data. Personal Touch’s poor data security made it vulnerable to…
Category: Legislation
Inmediata settles multi-state litigation for $1.14 million; will improve data security and breach notification practices
Indiana Attorney General Rokita led a coalition of 33 attorneys general in a multi-state investigation and litigation against health care clearinghouse Imnediata stemming from a breach disclosed in 2019. Background In January 2019, HHS OCR alerted Inmediata that protected health information (PHI) maintained by Inmediata was available online and had been indexed by search engines….
Queensland agencies to face mandatory data breach reporting
Judy Skatssoon reports: Queensland is set to join NSW as the only other Australian state to introduce a mandatory data breach notification scheme. The state government says the Information Privacy and Other Legislation Amendment Bill 2023, introduced on October 12, contains reforms aimed at improving the accountability of government agencies and boosting privacy protections in…
FDA finalizes advice on cybersecurity info to include in device submissions
Jodi K. Scott, Lina Kontos, Randy Prebula, and Alex Smith of Hogan Lovells write: The U.S. Food and Drug Administration (FDA) has finalized its guidance on “Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions,” which advises medical device manufacturers on how to tighten cybersecurity measures in response to rapidly evolving online threats to…
Pennycuick Measure Providing Free Credit Monitoring for Data Breach Victims Approved by Pennsylvania Senate
Pennsylvania Senate Republicans write: The state Senate today approved bipartisan legislation sponsored by Sen. Tracy Pennycuick (R-24) to strengthen notification requirements for data breaches and provide affected citizens with free credit monitoring and a credit report. Senate Bill 824, introduced with Sen. Jimmy Dillon (D-5), would provide citizens affected by a data breach a free credit report…
Attorney General James Reaches Agreement with Marymount Manhattan College to Invest $3.5 Million to Protect Students’ Online Data
NEW YORK – New York Attorney General Letitia James today announced an agreement with Marymount Manhattan College (MMC), a private non-profit liberal arts college in New York City, to invest $3.5 million in data security to protect students’ online data. In 2021, MMC suffered a data breach that affected nearly 100,000 New Yorkers who were current…