Matt Fisher of Carium writes: Data breaches grab headlines on a daily basis and arise from a number of different scenarios. However, one question that is not necessarily examined closely (at least in news articles), is whether encryption was in place and why the encryption did not prevent the breach. That rhetorical question does not…
Category: U.S.
What Does the Fifth Circuit’s Vacating of HHS HIPAA Fines Mean for Companies This Year?
Here is some more commentary on the Fifth Circuit opinion in MD Anderson v. HHS. Elfin Noce, Liisa Thomas & Susan Ingargiola of SheppardMullin write, in part: On the ruling regarding the disclosure of ePHI, the Fifth Circuit held that HHS had failed to establish that MD Anderson disclosed ePHI to someone outside of the covered entity. The…
Lessons from Wengui v. Clark Hill: Structuring a Two Track Cyber Investigation
Stephanie A. Diehl of Proskauer writes: As the D.C. District Court in Wengui v. Clark Hill recently commented, “[m]alicious cyberattacks have unfortunately become a routine part of our modern digital world. So have the lawsuits that follow them….” The court’s decision in that case has added another data point to developing jurisprudence of the cyberattack landscape, specifically…
The M.D. Anderson Case and the Future of HIPAA Enforcement
Privacy law scholar Daniel Solove writes: The U.S. Court of Appeals for the 5th Circuit just issued a blistering attack on HIPAA enforcement by the U.S. Department of Health and Human Services (HHS). In University of Texas M.D. Anderson Cancer v. Department of Health and Human Services (No. 19-60226, Jan. 14, 2001), the 5th Circuit struck down a fine…
Hackers try to contaminate Florida town’s water supply through computer breach
This is the stuff nightmares are made of. Chris Bing reports: Hackers broke into the computer system of a facility that treats water for about 15,000 people near Tampa, Florida and sought to add a dangerous level of additive to the water supply, the Pinellas County Sheriff said on Monday. The attempt on Friday was…
Contractor for USAO Southern District of Iowa Provided Sensitive, Non-Public Info on Criminal Investigations to a Friend; Informants Wound Up “Outed” Online
An Iowa woman pleaded guilty today for unlawfully using a former Department of Justice contractor’s government computer to access government records and to obtain sensitive, non-public law enforcement information, announced Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department’s Criminal Division. According to admissions made in connection with her guilty plea, Rachel Manna,…