Joseph J. Lazzarotti and Maya Atrakchi of JacksonLewis write: In the final days of 2020, the Office for Civil Rights (OCR) at the U.S. Health and Human Service (HHS) released a HIPAA Audits Industry Report (“the Report”), that could be quite helpful to covered entities and business associates for tackling HIPAA compliance as we enter the new…
Category: Subcontractor
Corporate Secrets at Risk in Hack of U.S. Courts Documents
Bloomberg Law reports: The Administrative Office of the U.S. Courts on Wednesday disclosed the “apparent compromise” of the electronic filing and case management system, known as CM/ECF. An AO spokesperson told Bloomberg Law the compromise is likely connected to the hack of SolarWinds’ Orion products, which affected multiple government agencies and companies. The AO said…
Personal data of ANWB customers may have been stolen after a cyber attack
ANP reports that ANWB (the Royal Dutch Touring Club) has sent an email to former and current members to warn them that their data may have been compromised in cyber attack. The attack was not on ANWB’s own system, it seems, but a collection agency that they use for delinquent accounts — Trust Krediet Beheer…
Data Analytics Company Settles with FTC Over Alleged Data Security Violations
Sheila A. Millar and Tracy P. Marshall of Keller & Heckman write: Third-party service providers are vital to many companies and they handle a wide range of business activities essential for companies to deliver their own offerings. But a company is not adequately protecting consumers if it fails to perform proper due diligence on service…
DHS Warns That American Businesses Face Ongoing Data Theft Threat From Vendors in China
Scott Ikeda reports: The Department of Homeland Security (DHS) has issued a broad warning to all American businesses about potential data theft by partners in China that have connections to the government. The advisory outlines “PRC legal regimes and known PRC data collection practices” that could present a risk to any organization not based in the…
Ransomware attack cripples NYC DOE’s teacher disciplinary system
Susan Edelman reports: A ransomware attack has crippled the city’s teacher discipline system, The Post has learned. A contractor that provides hearing transcripts for the city Department of Education, the Ubiqus Group, said it “was hit by a ransomware-type cybersecurity incident” on Dec. 4. Read more on NY Post.