The Other Wyndham Hotel Case
Most of us are aware of the litigation between the FTC and Wyndham Hotels arising out of the data breaches experienced by Wyndham between 2008 and 2010, resulting in hackers stealing the personal information of over 600,000 customers. In a less
FDA ISSUES GUIDANCE ON CYBER SECURITY FOR MEDICAL DEVICES
On October 2, 2014, the FDA issued Guidance identifying cyber security issues that manufacturers of medical devices should consider in the design and development of their medical devices, as well as in preparing pre-market submissions for the de
CALIFORNIA ADDS TO IDENTITY THEFT PROTECTION LAW
Assembly Bill 1710 has strengthened California’s original security breach notification law, first passed in 2003. The Bill expands the applicability of the law to any company that merely maintains personal information of a California resident.
CALIFORNIA PASSES LAW FOR STUDENT DATA PROTECTION
California Governor Jerry Brown has signed into law Senate Bill 1177, the Student Online Personal Information Protection Act (SOPIPA), restricting collection and marketing uses of K-12 student data. The Bill requires the operator of an internet
Yelp and TinyCo Settle FTC Charges of COPPA Violations
On September 17, 2014, the FTC announced the review site Yelp, Inc., and mobile app developer TinyCo, Inc., in separate enforcement actions agreed to settle charges that they each violated COPPA. Yelp agreed to pay a $450,000.00 penalty, and Tin
Doing Business in Singapore?
In the event you collect any personal data while doing business in Singapore, the Personal Data Protection Act in Singapore requires that as of July 2, 2014, organizations collecting and handling personal data in Singapore must have a Data Prote
Verizon 2014 Data Breach Investigations Report Is Here
Verizon has released its latest Data Breach Investigations Report, and its 2014 edition is better than ever! Verizon studied 1,367 confirmed data breaches, and 63,437 security incidents in 95 countries. A breach is defined as an incident that re
Ponemon Institute Issues its Fourth Annual Study On Patient Privacy & Data Security
On March 13 the Ponemon Institute issued its Fourth Annual Study on patient privacy & data security. This study has come to be a respected and well received assessment of the privacy and security of patient information in health care. The st
IS HIPAA READY FOR MEDICAL WEARABLE DEVICES?
In technology years, the HIPAA Security Rule is a dinosaur. HIPAA was a brainchild of the enacted in 1996, largely to address health care access, “portability”, and privacy. The final rule on security standards was issued in 2003, to speci
NIST Issues Standards for Critical Infrastructure Cyber Security
On February 12, 2013, President Obama issued Executive Order 13636, “Improving Critical Infrastructure Cyber Security”, which called for a set of industry standards and best practices to help organizations manage cyber security risk. Pursu