Disclaimer

This Blog/Web Site ("Blog") does not provide specific legal advice. It is for educational purposes only. Use of the Blog does not create any attorney-client relationship between you and Holland & Knight LLP or the author(s) of any posts. The Blog does not constitute legal advice and is not a substitute for competent legal advice from a licensed attorney in your state. Any links from another site to the Blog are beyond the control of Holland & Knight LLP and do not convey their approval, support or any relationship to any site or organization.

Find News & Knowledge

Cybersecurity and Privacy Topics

Data Breach    COPPA    

    Mobile    Privacy    

Cybersecurity    HIPAA

Incident Response

FTC    Legislation

  

Cybersecurity and Privacy Videos

 
How to Choose the Right
Cybersecurity Firm

Cybersecurity, Data Breach and Privacy Blog

Holland & Knight's Cybersecurity, Data Breach and Privacy Blog provides insights and analysis on privacy, information security, and information governance laws.

Showing 1-20 of 107 results
Sort By:
 
Next
The Federal Trade Commission (FTC) continues its comprehensive efforts to focus on consumer protection issues, including those around the use of Big Data, Artificial Intelligence (AI) and predictive analytics. These tools are utilized by every industry – ranging from banking/financial services, health, transportation, energy, retail, payment processors and a host of others – to meet the needs of their customers and for service delivery.
Read more »
November 13, 2018
|
The U.S. Food and Drug Administration (FDA) is moving aggressively in October to continue to raise concerns about cybersecurity risks to medical devices, with three recent updates. The FDA just released new draft guidance on these risks, indicating that it will eventually supersede the cybersecurity guidance issued in 2014.
Read more »
October 18, 2018
|
President Donald Trump on Sept. 20, 2018, unveiled a new National Cyber Strategy. This strategy follows the release of the May 2017 White House Cybersecurity Executive Order (EO) 13800. The EO addressed key issues and areas related to federal networks detailed in a prior blog as well as a focus on critical infrastructure sectors.
Read more »
September 27, 2018
|
The Trump Administration recently announced plans to establish U.S. consumer privacy standards in response to a series of high-profile privacy breaches.
Read more »
On Aug. 6, 2018, the Federal Trade Commission (FTC) announced plans to hold a series of public hearings from the fall of 2018 to January 2019 that will focus on key issues impacting the U.S. consumer. Specifically, these hearings will "examine whether broad based changes in the economy, evolving business practices, new technologies or international developments might require adjustments to competition and consumer protection law, enforcement priorities, and policy."
Read more »
August 14, 2018
|
On Tuesday, July 31, 2018, the Department of Homeland Security (DHS) hosted a National Cybersecurity Summit, featuring the nation's top homeland, national security and law enforcement officials.
Read more »
August 6, 2018
|
On June 26, Holland & Knight Senior Policy Advisors Scott Mason and Norma Krayem participated on a panel “Blockchain: Do We Need to Regulate to Innovate” in the firm's New York office. Given their knowledge on the subject and extensive engagement with federal legislators and regulators, they provided insight on how Congress and the Trump Administration's policy initiatives are evolving the use of blockchain in key sectors.
Read more »
On May 30, 2018, the White House released a key report, entitled "Assessment of Electricity Disruption Incident Response Capabilities," which was required by the May 2017 White House Cybersecurity Executive Order 13800 discussed in a prior blog. The report, written by the U.S. Departments of Homeland Security (DHS) and Energy (DOE), reviews the state of preparedness by the electricity sector and its ability to manage cybersecurity attacks, with a focus on how such respective attacks would impact other sectors.
Read more »
June 5, 2018
|
Cybersecurity risks to the health and medical device sector continue to be front and center both in Congress and the executive branch, with increasing risks coming from nation states, nonstate actors and other attackers. The health sector is one of 16 Critical Infrastructure (CI) sectors as defined by the U.S. Department of Homeland Security (DHS).
Read more »
May 21, 2018
|
On Feb. 21, 2018, the Securities and Exchange Commission (SEC) issued interpretive guidance on its expectations for corporate disclosures on cybersecurity risks.
Read more »
February 23, 2018
|
CMS issued a memo to state survey agency directors on December 28, 2017, to clarify CMS’s position on texting patient information. The memo, which indicates that it is effective “immediately,” states that CMS prohibits texting of orders by healthcare providers. Specifically, “texting orders from a provider to a member of the care team is not in compliance with the Conditions of Participation (CoPs) or Conditions of Coverage (CfCs).” In support of its position, CMS cites “§489.24(b),” which appears to be a typographical error. The rule dictating the form and retention of hospital records is 42 C.F.R. §482.24(b) .The rule states that “[m]edical records must be accurately written, promptly completed, properly filed and retained, and accessible.”
Read more »
December 29, 2017
|
The Department of Health and Human Services’ Office for Civil Rights, on July 25, 2017, announced an updated online tool that can be used to learn about breaches currently under investigation.
Read more »
Last week’s ransomware attack was one of the most widespread attacks we have seen, with (so far) more than 200,000 machines hit across more than 150 countries.
Read more »
May 15, 2017
|
On May 11, 2017, President Trump signed the long anticipated Cybersecurity Executive Order (EO), entitled "Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure." The Executive Order is broken down into three sections (1) Cybersecurity of Federal Networks; (2) Cybersecurity of Critical Infrastructure; and (3) Cybersecurity for the Nation.
Read more »
May 12, 2017
|
As the HHS Office for Civil Rights continues to issue press releases about HIPAA settlements and enforcement actions, now is a good time to re-examine HIPAA and data privacy compliance efforts. Healthcare Partner Shannon Hartsfield discusses three things covered entities and business associates can do to help reduce the chances of coming to the attention of OCR.
Read more »
A recent HHS OCR resolution agreement further emphasizes the importance of conducting risk analyses and addressing them appropriately.
Read more »
A recent HIPAA enforcement action by the HHS Office for Civil Rights makes it clear that delaying or avoiding compliance efforts could result in significant fines.
Read more »
February 13, 2017
|
The Department of Health and Human Services' Office for Civil Rights (OCR), in January 2017, published a cyber newsletter regarding the importance of audit controls with respect to HIPAA compliance.
Read more »
January 18, 2017
|
The Department of Health and Human Services recently announced the first HIPAA settlement based on a late breach notice, reinforcing the importance of having a written incident response plan.
Read more »
January 12, 2017
|
The effective date for proposed cybersecurity regulation for financial services companies regulated by the New York Department of Financial Services (NYDFS) has been extended to permit regulated entities more time to come into compliance with the new requirements.
Read more »
December 22, 2016
|
Next