On December 21, 2023, the Federal Communications Commission released an order updating its data breach rules.  These updated rules require telecommunications providers to report breaches of customer proprietary network information, such as numbers that have been dialed and when…

Key Takeaways:

• The Federal Bureau of Investigation (FBI) and Cybersecurity & Infrastructure Security Agency (CISA) have jointly issued a cybersecurity advisory in response to recent activity by the threat actor group known as Scattered Spider.
• Scattered Spider is known to

…

If you need a little intellectual stimulation after hours of Thanksgiving turkey and football, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has just the thing — the new CISA Mitigation Guide for the Healthcare and Public Health Sectors. …

NordPass (the purveyor of a password manager) has assembled a list of the top 20 passwords in healthcare, based on usage by the world’s largest companies.  According to NordPass’s analysis, the “top” 20 passwords are:

…

Massachusetts Extends Protections for Counseling Records of Survivors of Sexual Assault
The Massachusetts Supreme Judicial Court has ruled in In the Matter of a Motion to Compel, SJC-13336 that the Superior Court could not order a Massachusetts counseling center to…

Key Takeaways:

• This executive order (EO) directs federal agencies to review and develop policies to guide the use of artificial intelligence that touches every sector of the economy.
• The EO directs the Department of Health and Human Services (HHS) to

…

In late September, the NY State Education Department issued a two-page order providing that NY public schools may not purchase or utilize facial recognition technology. The Department relied on a report issued by the NY Office of Information Technology Services…