The law firm of BakerHostetler has recently released several free resources of note: EU GDPR Data Breach Notification Interactive Map State Data Breach Notification Law Interactive Map PDF Version of State Data Breach Notification Laws They have also released their annual Data Security Incident Response Report for 2023. Thanks, as always, to Joe Cadillic for…
Category: State/Local
Attorney General James Reaches Agreement with Refuah Health Center to Invest $1.2 Million to Protect Patient Data and Pay $450,000 in Penalties to State
January 5, 2024 NEW YORK – New York Attorney General Letitia James today announced an agreement with a Hudson Valley-area health care provider, Refuah Health Center, Inc. (Refuah), for failing to safeguard the personal and private health information of its patients. The Office of the Attorney General (OAG) found that Refuah failed to maintain appropriate controls to protect and limit access to sensitive data, including by failing to encrypt patient information and using multi-factor authentication. As…
Seeking clarification on Maine’s data breach notification statute
If you can’t get an interpretation of a state breach notification statute from the state’s attorney general, where can you get it? DataBreaches recently wrote to the Maine Attorney General’s Office: I am not sure I really understand a provision in Chapter 210-B §1348. Security breach notice requirements, and am seeking clarification. In Paragraph 1,…
DFS Announces $1 Million Cybersecurity Settlement With First American Title Insurance Company
Press Release of November 28: The New York State Department of Financial Services (DFS) today announced that First American Title Insurance Company (First American) will pay a $1 million penalty to New York State for violations of DFS’s Cybersecurity Regulation (23 NYCRR Part 500) stemming from a large-scale cybersecurity breach in May 2019. The breach…
States settle with Morgan Stanley for $6.5 million over data security incidents
In addition to Florida, represented by Consumer Protection Division Multistate and Privacy Bureau Chief Patrice Malloy and Senior Assistant Attorney General Diane Oates, the following states joined the action: Connecticut, Indiana, New Jersey, New York and Vermont. To view a copy of the agreement, click here. Source: MyFloridaLegal.com
Minnesota schools turn to voters, plead for lawmaker help in fending off cyberattacks
Dana Ferguson reports: Faced with a growing threat of cybersecurity breaches, school districts around the country and in Minnesota are turning to local taxpayers and state officials for help in building up their defenses. Voters in at least 17 communities last week weighed ballot questions letting local districts raise tax levies for cybersecurity improvements; more…