As we anticipated last spring, the Department of Justice (DOJ) has signaled that it will utilize civil enforcement of the False Claims Act (FCA) to address new and emerging cybersecurity threats. On October 6, 2021, Deputy Attorney General Lisa Monaco
Continue Reading DOJ Announces New Cyber-Fraud Initiative Promoting False Claims Act Enforcement Against Contractors and Grantees Failing to Follow Cybersecurity Standards
Security, Privacy and the Law
Legal Perspectives on the Expanding Universe of Information Security & Privacy Issues.
Blog Authors
Latest from Security, Privacy and the Law
HHS OCR Issues Guidance on HIPAA, COVID-19 Vaccinations, and the Workplace
By Colin Zick
On September 30, 2021, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) issued guidance to help the public understand when the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule applies to…
Continue Reading HHS OCR Issues Guidance on HIPAA, COVID-19 Vaccinations, and the Workplace
Can You Still Protect Digital Forensic Reports From Discovery? It’s Getting Harder.
A data security incident will always require a technical response, and usually that technical response will come from outside experts. Those experts are hired to investigate and remediate an incident. Since data incidents can lead to government investigations and litigation,…
Continue Reading Can You Still Protect Digital Forensic Reports From Discovery? It’s Getting Harder.
Colorado Becomes that Latest State to Adopt a New Data Privacy Law
By Colin Zick
On July 7, 2021, Governor Jared Polis signed into law the Colorado Privacy Act (CPA), making Colorado the most recent state to enact comprehensive privacy legislation. While the CPA does not take effect until July 1, 2023, it contains robust…
Continue Reading Colorado Becomes that Latest State to Adopt a New Data Privacy Law
China Adopts New Data Security Law
By Colin Zick
On June 10, 2021, China adopted a new Data Security Law that will impact every business operating in or doing business with China. The law, which will take effect in less than a month (September 1, 2021), is sweeping in…
Continue Reading China Adopts New Data Security Law
Biden Issues Memorandum Aimed at Improving Cybersecurity
On July 28, 2021, President Biden issued a Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems. The Memo recognizes that the protection of the nation’s critical infrastructure lies not only with government, i.e., at the federal, state, local,…
Continue Reading Biden Issues Memorandum Aimed at Improving Cybersecurity
Briefings on HIPAA: CISA, FBI issue joint warning, mitigation tactics on TrickBot malware
By Colin Zick
Foley Hoag partner and Co-Chair of the firm’s Privacy and Data Security Practice, offers his insights, along with those of the Cybersecurity and Infrastructure Security Agency (CISA) and FBI regarding spear-phishing campaigns using TrickBot malware throughout North America.
Read the…
Continue Reading Briefings on HIPAA: CISA, FBI issue joint warning, mitigation tactics on TrickBot malware
Will “stopransomware.gov” Actually Stop Ransomware?
By Colin Zick
In response to the spate of ransomware attacks, the United States has launched a website, www.cisa.gov/stopransomware. According to the government press release, the website’s aim is:
to help public and private organizations defend against the rise in ransomware cases.…
Continue Reading Will “stopransomware.gov” Actually Stop Ransomware?
Virginia’s New Data Privacy Law: An Uncertain Next Step for State Data Protection
By Colin Zick
Virginia’s New Data Privacy Law: An Uncertain Next Step for State Data Protection
On March 2, 2021, Governor Ralph Northam signed the Virginia Consumer Data Protection Act (“VCDPA”) into law. This made Virginia the second state to enact a consumer…
Continue Reading Virginia’s New Data Privacy Law: An Uncertain Next Step for State Data Protection
Kaseya VSA Cyberattack: What Kaseya and the Feds Are Saying
By Colin Zick
If you aren’t following the ransomware attack on Kaseya’s VSA product and approximately 200 of its users, you should be. Like many cyberattacks, this one came on the verge of a holiday weekend. As the company itself notes, “Kaseya’s VSA product has…
Continue Reading Kaseya VSA Cyberattack: What Kaseya and the Feds Are Saying