As we’ve written about before, the question of anonymization can be tricky. When is something “anonymized” or merely “de-identified” or “pseudonymous” — and when does it matter? This is a particularly fraught issue under the GDPR, where the text of
Security, Privacy and the Law
Legal Perspectives on the Expanding Universe of Information Security & Privacy Issues.
Latest from Security, Privacy and the Law - Page 3
Expiration of COVID-19 Public Health Emergency Means the Beginning of the End for HIPAA Privacy and Security Enforcement Discretion
By Colin Zick
The Notifications of Enforcement Discretion issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act during the COVID-19 public health emergency expired at 11:59 pm on…
As If Bank Failures Aren’t Enough – Hackers Are Exploiting the Chaos to Breach Security
By Colin Zick
The Massachusetts State Police Commonwealth Fusion Center (CFC) believes that cyber actors may use the current bank failures for future phishing and business email compromise (BEC) attacks. Cyber actors often use current events to mask their phishing campaigns to seem…
State Data Privacy Law Development Proceeds Apace
By Samuel Hoff
FTC Likely to Continue Focus on Health Care Data
Physical and Cyber-Attacks on Energy Infrastructure Expected to Continue
By Cloe Pippin
Over the past several years, the energy sector has become a prime target for hacking and ransomware attacks, with over 40 attacks on the industry since 2017. Cyber attacks have only continued to rise, with a record high of 13…
Fintech Companies Prepare for Forthcoming Updates to the NY Cybersecurity Regulation
Proposed Amendments to 23 NYCRR Part 500
If you are the chief information security officer (“CISO”) of a fintech company operating in New York, you may already be aware that, on November 9, 2022, the New York State Department of…
Chris Hart Discusses the US National Cybersecurity Strategy with SecurityWeek
Privacy & Data Security Practice co-chair Chris Hart spoke to SecurityWeek about the Biden administration’s National Cybersecurity Strategy and government intentions for the future of U.S. cybersecurity.
Read the full article here.The post Chris Hart Discusses the US National…
Things We Learned at the 2023 IAPP Global Privacy Summit
The International Association of Privacy Professionals held its annual Global Privacy Summit on April 4-5 in Washington, D.C. Here are some things we learned.
- Organizations are scrambling to deploy generative
…
HHS Office for Civil Rights Announces the Expiration of COVID-19 Public Health Emergency HIPAA Enforcement Discretion
By Colin Zick
Like many regulatory standards, enforcement of HIPAA was relaxed as part of the COVID-19 pandemic response. With the end of the public health emergency declaration on May 11, 2023, the broad relaxed HIPAA enforcement also will be coming to an…