Tag Archives: data breaches

Australia’s New Breach Notification Law Set to Take Effect February 2018

On February 13, 2017, the Australian Senate passed a bill establishing a mandatory requirement to notify the Privacy Commissioner and affected individuals of “eligible” data breaches. The Privacy Amendment (Notifiable Data Breaches) Act 2016, which was passed by the House of Representatives the previous week, amends Australia’s Privacy Act 1988 and is slated to take … Continue Reading

OCR to Increase Efforts to Investigate Breaches Affecting Fewer Than 500 Individuals

The Department of Health and Human Services Office for Civil Rights (OCR) is the federal agency tasked with investigating data breaches involving protected health information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA). The mere mention of an OCR investigation can strike fear into the hearts of HIPAA privacy officers and health care … Continue Reading

Tennessee Revamps Its State Data Breach Notification Statute

Tennessee amended its data breach notification statute to potentially require notification of a data breach to affected individuals regardless of whether the personal information involved in the security incident was encrypted. On July 1, Tennessee becomes the first state to remove its encryption safe harbor; there is still an ability to perform a risk analysis … Continue Reading

New Take on Old Phishing Scam Wreaking Havoc on HR Departments

From would-be Nigerian princes to foreign lottery officials, cybercriminals have been known to assume all sorts of false identities to carry out email phishing scams that trick unsuspecting consumers into clicking on fraudulent links or divulging personal information to strangers. We often see a spike in this type of activity around tax season, when fraudsters … Continue Reading

New York Attorney General Report Shows the Number of Data Breaches is on the Rise and Recommends Steps to Take for Protecting Against Them

On July 15, 2014, the New York Attorney General issued a report examining the growing number and costs of data breaches in the state of New York.  The report titled, “Information Exposed: Historical Examination of Data Security in New York State,” analyzes eight years’ worth of security breach data collected by the Attorney General and … Continue Reading

Vermont Grocery Store Agrees to Settlement with Attorney General for Alleged Violation of State Data Breach Response Laws

Co-authored by: Charles K. Shih Natural Provisions, Inc., a Vermont health foods grocery chain, agreed to pay $30,000 to settle claims brought by the Vermont attorney general that it failed to notify consumers and the attorney general within the statutory period required by Vermont’s Security Breach Notice Act and Consumer Protection Act. Natural Provisions, Inc. … Continue Reading

SEC To Issue Stronger Cybersecurity Guidance?

In February we wrote about whether Facebook’s IPO would set the tone under the SEC’s then-relatively new cybersecurity disclosure guidance. In subsequent months, it has become apparent that this guidance is still not yielding the level of disclosure on cybersecurity matters that regulators want. This is especially true with respect to the disclosure of past … Continue Reading

Cyber Criminals’ Menu Features the Food & Beverage Industry; Steps to Protect Your Business

2012 was a challenging year for the Food and Beverage (F&B) industry. In addition to increased government regulation, rising food prices and relatively slow growth trends, the industry once again was a favorite target of cybercriminals. According to the 2013 Trustwave Global Security Report, cyberattacks on F&B enterprises comprised 24% of attacks in 2012, second … Continue Reading
LexBlog