With all the wildly erroneous claims made by people about what is covered by HIPAA, here’s a great explainer by attorney Jeff Drummond on exactly what kinds of entities ARE covered by HIPAA (Spoiler alert: yes, your local bar CAN ask you your vaccination status without violating HIPAA because they are not covered by HIPAA)….
Category: Legislation
Hackers to face 25 years in jail for cyber attacks on Australia’s national infrastructure
Zach Marzouk reports: Hackers could face up to 25 years in jail if found guilty of cyber offences against Australia’s critical infrastructure, under proposed changes introduced by the government today. The government tabled the Crimes Legislation Amendment (Ransomware Action Plan) Bill 2022 in a bid to modernise criminal offences and procedures to respond to the threat of ransomware….
Tech Transactions & Data Privacy 2022 Report: Ransomware Reporting Requirements: A Look Forward into Evolving Security Incident Notification Rules
Michael J. Waters and Colin H. Black of Polsinelli write: Tech Transactions & Data Privacy 2022 Report Data breach notification laws in the United States have historically focused on notifying individuals, regulators and others in situations in which personal information has been accessed or acquired. Ransomware attacks, while incredibly disruptive, do not always involve data…
SEC’s breach notification proposal one step closer to a final vote
Tonya Riley reports: The Securities and Exchange Commission voted Wednesday 3-1 to approve a recommendation for tighter mandatory cybersecurity requirements for financial institutions. The proposed rule will now open to public comment before a final vote. “The proposed rules and amendments are designed to enhance cybersecurity preparedness and could improve investor confidence in the resiliency of advisers…
Ethical hackers face tough sanction under Jamaican law
From the threats-to-ethical-hacking-and-a-free-press department, Edmond Campbell reports: Ethical hackers who find vulnerabilities on government or private websites in Jamaica could face a $3-million fine and three-year prison sentence if a provision in the Cybercrimes Act, 2015, remains and receives the nod from Parliament. That threat could penalise actors such as Zack Whittaker, the security editor at…
Prepared remarks: Attorney General Phil Weiser on the way forward on data privacy and data security (Jan. 28, 2022)
Colorado’s Attorney General, Phil Weiser, gave a speech for Data Privacy Day that talks about Colorado’s Privacy Act and its provisions with respect to both privacy and data security. It is a speech worth reading, especially if you want an overview of what is coming your way in Colorado. With three states now having state…