Peter Dinham reports: A majority of Australian IT decision-makers believe reporting of data breaches to regulators will help prevent cyber crime. Surveyed by global security vendor Palo Alto Networks, 79% of IT decision-makers agreed that reporting breaches to regulators should be mandatory and 69% believed reporting of data breaches to regulators would help prevent cyber…
FTC: Privacy & Data Security Update: 2017
The Federal Trade Commission (FTC) has released its Privacy & Data Security Update: 2017. The report is organized by major privacy enforcement actions in 2017, data security enforcement in 2017, and other topics of significant concern such as fair credit reporting, children’s online privacy and do not call. Apart from the Lenovo, Uber, and D-Link…
‘Professional’ hack on Norwegian health authority compromises data of three million patients
Sooraj Shah reports: Hackers have breached the systems of Norway’s Health South East RHF, with nearly three million patients’ data potentially compromised as a result. Health South-East is responsible for the counties of Østfold, Akershus, Oslo, Hedmark, Oppland, Buskerud, Vestfold, Telemark, Aust-Agder and Vest-Agder. The breach was announced on Monday by the authority after it had…
Aetna Customers Get $17 Million In HIV Privacy settlement
WTVA reports: After thousands of customers’ HIV statuses were revealed in mailings last year, a federal class-action lawsuit against health care company Aetna has reached a $17 million settlement. The lawsuit was filed in August after some 12,000 Aetna customers nationwide received letters mailed in July that accidentally revealed their HIV status through the windows…
South Dakota lawmakers delay action on data breach legislation
AP reports: A legislative panel has delayed action on a bill that would require companies to inform South Dakota residents whose personal information was acquired in a data breach. The Senate Judiciary Committee plans to take up the proposal again Thursday. Attorney General Marty Jackley’s bill would require affected South Dakotans be notified within 60…
Arizona Legislature Considers Strengthening Data Breach Notification Law
John G. Kerkorian, David M. Stauss, Gregory P. Szewczyk, and Kimberly A. Warshawsky of Ballard Spahr write: The Arizona State Legislature is considering proposed legislation that, if enacted, would significantly change the requirements for how Arizona entities respond to data breaches. Under Arizona’s existing breach notification law, entities that conduct business in the state and own or license computerized…