Eli Richman reports: Email phishing attacks, ransomware attacks and attacks against connected medical devices are among the greatest cyberthreats that health systems need to protect against, according to new cybersecurity guidance for health systems from the Department of Health and Human Services.Released last week, the Health Industry Cybersecurity Practices were released to help the industry identify…
Category: U.S.
Data leak shuts down Alaska’s PFD application website
KTUU reports that Alaska’s Permanent Fund Dividend web site is down and will remain down for now while the state investigates and remediates a data leak. ANCHORAGE, Alaska (KTUU) — Update: 10:27 p.m.:The Alaska Department of Revenue will not reopen the Permanent Fund Dividend application website until the integrity of filer information can be guaranteed, according…
Ohio Moves on Insurance Cybersecurity
Josephine Cicchetti of Carlton Fields writes: Ohio has joined South Carolina in becoming the next state to adopt a variation of the NAIC Insurance Data Security Model Law (“MDL-668”). This legislation makes a number of changes to Ohio’s insurance law, including the addition of a new Chapter 3965, which establishes “standards for data security and…
Six years after massive data breach, SC still fixing security, but ends victim credit monitoring
Andy Shain reports: Six years after one of the nation’s worst data breaches, South Carolina efforts to protect computer records from hackers remain a work in progress, but that did not prevent the end of free credit report monitoring for millions of taxpayers whose information was stolen. […] No arrests have been made in the…
State Data Breach Notification Laws: 2018 in Review
Caleb Skeath and Brooke Kahn of Covington & Burling provide a useful recap of changes in 2018 that will impact us in 2019: …. Following up on our global year-end review of major privacy and cybersecurity developments, we’ve summarized the major developments and trends observed with regards to state data breach notification laws over the past…
MO: Choice Rehabilitation notifies patients after hack of corporate email account
The following notice from Choice Rehabilitation is dated December 18, 2018, but first appeared in STLToday on December 31, 2018: December 18, 2018 Choice Rehabilitation of Creve Coeur, MO notified more than 500 residents of a breach of unsecured resident health information after discovering the following event: On November 7, 2018, Choice Rehabilitation, (Choice) discovered…