HIPAA Journal reports: Protenus has released its 2019 Breach Barometer report: An analysis of healthcare data breaches reported in 2018. The data for the report came from Databreaches.net, which tracks data breaches reported in the media as well as breach notifications sent to the Department of Health and Human Services’ Office for Civil Rights and…
Category: Of Note
A Closer Look: SEC’s Edgar Hacking Case
Craig A. Newman writes: Last month, the U.S. Securities and Exchange Commission charged nine defendants with hacking into the agency’s EDGAR system – the online platform used by public companies for making their public filings – and stealing material nonpublic information to use for illegal trading purposes. While the charges are new, the insider trading…
Fla. Courts Require Actual Injury to Demonstrate Standing in Data Breach Cases
Nicole Rekant and Stevan Pardo write: The proliferation of data breach cases in Florida courts has focused on Article III standing. To meet the pleading standard under Article III, a plaintiff must allege sufficient facts to show the injury-in-fact is concrete, particularized, actual, and imminent, not conjectural or hypothetical. An allegation of imminent injury may suffice…
620 million accounts stolen from 16 hacked websites now for sale on dark web, seller boasts
Chris Williams reports: Some 617 million online account details stolen from 16 hacked websites are on sale from today on the dark web, according to the data trove’s seller. For less than $20,000 in Bitcoin, it is claimed, the following pilfered account databases can be purchased from the Dream Market cyber-souk, located in the Tor…
California Consumer Privacy Act: The Challenge Ahead – The CCPA’s “Reasonable” Security Requirement
Bret Cohen, Paul Otto, Nathan Salminen, and Morgan Perna (law clerk) of Hogan Lovells write: ….This installment of the Hogan Lovells’ CCPA series explains the CCPA’s security requirement and consequences for non-compliance, and describes security controls that most organizations can implement to mitigate this risk. Available statutory penalties The CCPA allows consumers to sue businesses…
OCR Concludes All-Time Record Year for HIPAA Enforcement with $3 Million Cottage Health Settlement
The Office for Civil Rights (OCR) at the U.S Department of Health and Human Services concluded an all-time record year in Health Insurance Portability and Accountability Act (HIPAA) enforcement activity. In 2018, OCR settled 10 cases and was granted summary judgment in a case before an Administrative Law Judge, together totaling $28.7 million from enforcement…