Regulators in Romania have issued monetary penalties to six Romanian entities for insufficient technical and organizational measures to ensure information security. Two other entities were issued fines for other GDPR violations. The fines for insufficient technical and organizational measures ranged from 1,000 to 10,000 euros. Two of the entities were in the medical center. A…
Category: Legislation
Monetary Authority of Singapore Sets Out Revised Expectations for Notification of Data Breaches by Licensed Insurers
Rajesh Sreenivasan, Steve Tan, Benjamin Cheong, Lionel Tan, Tanya Tang, Wong Onn Chee, Simon Goh, and Wang Ying Shuang of Rajah & Tann Asia write: On 22 February 2023, the Monetary Authority of Singapore (“MAS“) issued Circular No. ID 03/23 – Notification of Data Breaches to the Monetary Authority of Singapore (“Circular 03/23“). Circular 03/23…
NY Attorney General James Continues Crackdown on Unregistered Cryptocurrency Platforms
If you’re a cryptocurrency platform doing business in New York but are not registered with the state, Attorney General James will be coming after you. NEW YORK – New York Attorney General Letitia James today continued her efforts to crack down on unregistered cryptocurrency platforms by filing a lawsuit against KuCoin for failing to register…
After newest data leak, lawyers say time for Putrajaya to give up PDPA immunity
R. Loheswar reports: Continued breaches exposing Malaysians’ private information at government agencies meant the Personal Data Protection Act (PDPA) should be amended to finally make these accountable, said legal experts. In its current form, the PDPA only covers commercial entities and transactions, exempting both the federal and state governments from its rules and principles, including…
Cyber Plan Would Hold Software Makers Responsible in Hacks
Katrina Manson reports: The Biden administration is set to release an aggressive new national cybersecurity strategy on Thursday that seeks to shift the blame from companies that get hacked to software manufacturers and device makers, putting it on a potential collision course with big technology companies. The 35-page strategy, shared in advance with a group…
HHS OCR creates new HIPAA enforcement arm and enhances focus on cybersecurity and privacy oversight
Marcy Wilder, Scott Loughlin, Melissa Bianchi, Paul Otto, and Alyssa Golay of Hogan Lovells write: This week the U.S. Department of Health and Human Services, the agency responsible for HIPAA enforcement, announced the formation of three new divisions within the Office for Civil Rights (“OCR”). The new divisions – Enforcement, Policy, and Strategic Planning –…