Pennsylvania Senate Republicans write: The state Senate today approved bipartisan legislation sponsored by Sen. Tracy Pennycuick (R-24) to strengthen notification requirements for data breaches and provide affected citizens with free credit monitoring and a credit report. Senate Bill 824, introduced with Sen. Jimmy Dillon (D-5), would provide citizens affected by a data breach a free credit report…
Category: State/Local
Indiana attorney general sues provider over violation of consumer protection, privacy laws
Abigail Ruhman reports: Indiana Attorney General Todd Rokita is suing a northwest Indiana medical office over a ransomware event that put personal and protected health information at risk. The lawsuit alleges the provider was aware of security concerns before the data breach. The lawsuit filed last week against CarePointe — an ear, nose, throat, sinus and…
Broomfield Skilled Nursing and Rehabilitation Center settles breach-related charges with Colorado Attorney General
Colorado Attorney General Phil Weiser recently announced a settlement with Broomfield Skilled Nursing and Rehabilitation Center, LLC stemming from a 2021 data breach. The following is the state’s press release: Sept. 22, 2023 (DENVER) – Attorney General Phil Weiser announced today a settlement with Broomfield Skilled Nursing and Rehabilitation Center, LLC., for failing to protect the personal…
Attorney General James Reaches Agreement with Marymount Manhattan College to Invest $3.5 Million to Protect Students’ Online Data
NEW YORK – New York Attorney General Letitia James today announced an agreement with Marymount Manhattan College (MMC), a private non-profit liberal arts college in New York City, to invest $3.5 million in data security to protect students’ online data. In 2021, MMC suffered a data breach that affected nearly 100,000 New Yorkers who were current…
NYC schools are tightening cybersecurity. Some educators fear unintended consequences.
Michael Elsen-Rooney reports: Following two high-profile data breaches, New York City’s Education Department has moved to shore up its cybersecurity protocols, increasing its vetting of software vendors and tightening email access for schools and parent leaders. Because of the new protocols, the school year has started without approvals for scores of programs, including popular ones…
California Privacy Protection Agency publishes new draft regulations addressing AI, risk assessments, cyber audits
Philip N. Yannella, Gregory P. Szewczyk, and Timothy Dickens of Ballard Spahr write: The California Privacy Protection Agency (CPPA) recently published two new sets of draft regulations addressing a range of cutting-edge data protection issues. Although the CPPA has not officially started the formal rulemaking process, the Draft Cybersecurity Audit Regulations and the Draft Risk Assessment Regulations will serve…