Computer and Electronics, Insurance and Privacy

Maryland Court Finds Coverage for Lost Data and Slow Computers After Ransomware Attack

Hunton Privacy

FEBRUARY 5, 2020

As previously posted on our Hunton Insurance Recovery blog , a Maryland federal court awarded summary judgment to policyholder National Ink in National Ink and Stitch, LLC v. This is significant because it demonstrates that insureds can obtain insurance coverage for cyber attacks even if they do not have a specific cyber insurance policy.

Computer and Electronics

Computer and Electronics Ransomware Insurance Access

Security Affairs newsletter Round 463 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 17, 2024

France Travail data breach impacted 43 Million people Scranton School District in Pennsylvania suffered a ransomware attack Lazarus APT group returned to Tornado Cash to launder stolen funds Moldovan citizen sentenced in connection with the E-Root cybercrime marketplace case UK Defence Secretary jet hit by an electronic warfare attack in Poland Cisco (..)

Data breaches

Data breaches Security Computer and Electronics Ransomware

Court Rules Fraud Involving a Computer Is Not ‘Computer Fraud’ under Crime Protection Policy

Hunton Privacy

OCTOBER 25, 2016

18, 2016), that a crime protection insurance policy does not cover loss resulting from a fraudulent email directing funds to be sent electronically to the imposter’s bank account because the scheme did not constitute “computer fraud” under the policy. Great American Ins. No 15-20499 (5th Cir. Background. Read the full alert.

Computer and Electronics

Computer and Electronics Insurance IT Cybersecurity

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Understanding HIPAA: A Guide to Avoiding Common Violations

Armstrong Archives

AUGUST 25, 2023

The Health Insurance Portability and Accountability Act (HIPAA) ensures individuals’ health data protection and privacy. This includes insurance companies, nurses, and doctors. It’s all about creating the perfect balance between optimal medical services while upholding patient privacy.

Computer and Electronics

Computer and Electronics Insurance Compliance Risk

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

Rather than bringing substantial changes to the existing China data privacy framework, the PIPL helpfully consolidates and clarifies obligations on processing of personal information at a national law level. To be clear, this is not China’s own GDPR.

Data Privacy

Data Privacy Privacy Compliance Analytics

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

Data Matters

FEBRUARY 6, 2019

On December 3, 2018, twelve attorneys general (“AGs”) jointly filed a data breach lawsuit against Medical Informatics Engineering and its subsidiary, NoMoreClipboard LLC (collectively “the Company”), an electronic health records company, in federal district court in Indiana. See Indiana v. Informatics Eng’g, Inc. , 3:18-cv-00969 (N.D.

Data breaches

Data breaches Computer and Electronics Security Insurance

What IG Professionals Should Know About the Internet of Bodies

ARMA International

FEBRUARY 21, 2020

Another common name for the IoB is embodied computing , where the human body is used as a technology platform. On the downside, because of their almost constant presence, the devices can facilitate an all-encompassing capture of personal information, intended and unintended, which, for example, can run afoul of workplace privacy laws.

Computer and Electronics

Computer and Electronics Privacy Artificial Intelligence IoT

The U.S. Office of the Comptroller of the Currency Seeks Comment on Digital Innovation by Banks

Data Matters

JUNE 12, 2020

electronic payments, check capture and online banking), the OCC lists some of the new technologies, the implementation of which may be hindered by ambiguous, burdensome or inflexible rules, such as blockchain, artificial intelligence, biometrics, cloud computing and big data/analytics. Comments are due by August 3, 2020.

Artificial Intelligence

Artificial Intelligence Blockchain Financial Services Computer and Electronics

HHS Announces HIPAA Settlement with UMass

Hunton Privacy

NOVEMBER 30, 2016

On November 22, 2016, the Department of Health and Human Services (“HHS”) announced a $650,000 settlement with University of Massachusetts Amherst (“UMass”), resulting from alleged violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy and Security Rules. .

Computer and Electronics

Computer and Electronics Insurance Privacy Risk

List of data breaches and cyber attacks in June 2021 – 9.8 million records breached

IT Governance

JULY 1, 2021

discloses ransomware incident (unknown). discloses ransomware incident (unknown). million drivers’ details (3.3

Data breaches

Data breaches Ransomware Computer and Electronics Retail

OCR Enters into Record Settlement with Anthem

Hunton Privacy

OCTOBER 22, 2018

Three years ago, in February 2015, OCR opened a compliance review of Anthem, the nation’s second largest health insurer, following media reports that Anthem had suffered a significant cyberattack. prevent unauthorized access to ePHI.

Computer and Electronics

Computer and Electronics Passwords Data breaches Compliance

German court: monitoring of employees by key logger is not allowed

Data Protection Report

AUGUST 8, 2017

2 AZR 681/16) that the use of evidence obtained through the use of key logger software is not permitted under current German privacy law, if there is no suspicion of a criminal offense. Subsequently, the firm installed key logger software on its employees’ computers.

Computer and Electronics

Computer and Electronics Insurance Privacy GDPR

Fund Managers Targeted in Sophisticated Cyberattacks

Data Matters

DECEMBER 10, 2019

For remote access to emails, trading systems and other electronic data containing confidential information, the authentication mechanism should utilize at least two of the following factors: what a person knows (e.g., Data privacy issues: Cyberattacks often involve identity theft. standard login passwords). what a person has (e.g.,

Data breaches

Data breaches Insurance Authentication Risk

Fund Managers Targeted in Sophisticated Cyberattacks

Data Matters

DECEMBER 10, 2019

For remote access to emails, trading systems and other electronic data containing confidential information, the authentication mechanism should utilize at least two of the following factors: what a person knows (e.g., Data privacy issues: Cyberattacks often involve identity theft. standard login passwords). what a person has (e.g.,

Data breaches

Data breaches Insurance Authentication Risk

List of data breaches and cyber attacks in December 2020 – 148 million records breached

IT Governance

JANUARY 4, 2021

Firm that built NHS Nightingale Hospital hit by cyber attack (unknown) People’s Energy data breach affects every customer (270,000) Exmo crypto exchange halts all withdrawals after cyber attack (unknown) Scottish Environment Protection Agency targeted in a cyber attack (unknown) Hackers breach Israeli insurance company Shirbit (unknown) Jewellers Stuller (..)

Data breaches

Data breaches Ransomware Energy and Utilities Computer and Electronics

Me on the Equifax Breach

Schneier on Security

NOVEMBER 8, 2017

For over 30 years I have studied the technologies of security and privacy. I am a board member of the Electronic Frontier Foundation, AccessNow, and the Tor Project; and an advisory board member of Electronic Privacy Information Center and VerifiedVoting.org. My name is Bruce Schneier, and I am a security technologist.

Personal data

Personal data Computer and Electronics Privacy Data breaches

HHS Announces Settlements with Health Care System and Medical Research Institute over Potential HIPAA Violations

Hunton Privacy

MARCH 22, 2016

On March 16, 2016, and March 17, 2016, respectively, the Department of Health and Human Services (“HHS”) announced resolution agreements with North Memorial Health Care of Minnesota (“North Memorial”) and The Feinstein Institute for Medical Research (“Feinstein Institute”) over potential violations of the HIPAA Privacy Rule. North Memorial.

Computer and Electronics

Computer and Electronics Risk Passwords Privacy

Saudi Arabia’s New Data Protection Law – What you need to know

DLA Piper Privacy Matters

OCTOBER 7, 2021

The PDPL is a law that applies on a national level and so, unlike other KSA sector specific laws dealing with privacy laws to date, the PDPL will apply to all sectors (with certain possible exceptions, discussed below). For example, an unlawful transfer of personal data outside of KSA can result in a criminal conviction and imprisonment.

Personal data

Personal data Compliance Computer and Electronics IoT

German DPAs Address a Wide Range of Topics at Annual Conference and Adopt Resolutions

Hunton Privacy

OCTOBER 9, 2013

securing electronic communications by implementing and developing end-to-end encryption. The DPAs request to strengthen the rights of the private and intimate sphere of patients’ and insured patients’ lives. The DPAs state that they are committed to the promotion of the confidentiality and integrity of electronic communications.

Computer and Electronics

Computer and Electronics Encryption Communications Insurance

OPC reconsiders its approach to cross-border data transfers with the Equifax decision

Data Protection Report

MAY 15, 2019

In a significant recent decision, the Office of the Privacy Commissioner of Canada (OPC) altered the regulatory landscape when moving personal information between affiliated companies and across Canada’s border for data processing or storage purposes. In September 2017, Equifax Inc., In September 2017, Equifax Inc., s systems for four months.

IT

IT Computer and Electronics Cloud Privacy

Five Steps to HIPAA Security Compliance

HIPAA

OCTOBER 16, 2013

The health insurance portability and accountability act has set various guidelines, which should be adhered to by anyone who handles any electronic medical data. Some medical practices adopted electronic health recording systems before there were clear guidelines on what these systems should contain.

Compliance

Compliance Computer and Electronics Security Encryption

Five Steps to HIPAA Security Compliance

HIPAA

OCTOBER 16, 2013

The health insurance portability and accountability act has set various guidelines, which should be adhered to by anyone who handles any electronic medical data. Some medical practices adopted electronic health recording systems before there were clear guidelines on what these systems should contain.

Compliance

Compliance Computer and Electronics Security Encryption

Five Steps to HIPAA Security Compliance

HIPAA

OCTOBER 16, 2013

The health insurance portability and accountability act has set various guidelines, which should be adhered to by anyone who handles any electronic medical data. Some medical practices adopted electronic health recording systems before there were clear guidelines on what these systems should contain.

Compliance

Compliance Computer and Electronics Security Encryption

Florida Amends Breach Notification Law to Cover Health Data, Tighten Notice Deadline and Require State Regulator Notification

Hunton Privacy

JULY 10, 2014

Covered entities also may be required to provide the following information to the Department upon request: a police report, incident report or computer forensics report; a copy of the policies in place regarding breaches; and. steps that have been taken to rectify the breach.

Computer and Electronics

Computer and Electronics Insurance Passwords Access

First Ever Multi-State Data Breach Lawsuit Targets Healthcare Provider: Cybersecurity Trends

eDiscovery Daily

JANUARY 10, 2019

The lawsuit alleges that Fort Wayne-based Medical Informatics Engineering and its subsidiary NoMoreClipboard “failed to take adequate and reasonable measures to ensure their computer systems were protected,” resulting in a 2015 breach that gave hackers access to the personal healthcare information of 3.9 million US citizens.

Data breaches

Data breaches Cybersecurity Computer and Electronics Insurance

The Week in Cyber Security and Data Privacy: 26 February – 3 March 2024

IT Governance

MARCH 5, 2024

TB Turtlemint Source (New) Insurance India Yes 1,800,000 Chunghwa Telecom Source (New) Telecoms Taiwan Yes 1.7 Source (New) Engineering Japan Yes >5 TB Array Networks Source (New) Cyber security USA Yes 2.5

Data Privacy

Data Privacy Privacy Manufacturing Retail

2017 eDiscovery Case Law Year in Review, Part 3

eDiscovery Daily

JANUARY 9, 2018

Here are three cases related to privilege issues, including one where the court granted a quick peek request by the plaintiff, citing the “court’s heavy caseload and limited resources”: Putting Information on File Share Site without Protection Waives Privilege, Court Rules : In Harleysville Insurance Co. Wilkinson, Jr. You decide.

e-Discovery

e-Discovery Computer and Electronics Communications Cloud

2019 end-of-year review part 1: January to June

IT Governance

DECEMBER 27, 2019

Among other news: Lancashire-based Lad Media was wound up , and its director, Keith Hancock, was banned from forming or managing an organisation for four years, after the company was deemed to have violated the PECR (Privacy and Electronic Communications Regulations).

Data breaches

Data breaches GDPR Passwords Personal data

The Week in Cyber Security and Data Privacy: 22 – 28 January 2024

IT Governance

JANUARY 30, 2024

Source (New) Retail USA Yes 2,588,849 Keenan & Associates Source 1 ; source 2 (Update) Insurance USA Yes 1,509,616 AGC Group Source (New) Manufacturing Japan Yes 1.5 Source (New) Retail USA Yes 2,588,849 Keenan & Associates Source 1 ; source 2 (Update) Insurance USA Yes 1,509,616 AGC Group Source (New) Manufacturing Japan Yes 1.5

Data Privacy

Data Privacy Retail Privacy Manufacturing

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. ” The employees who kept things running for RSOCKS, circa 2016. million users.

Passwords

Passwords Ransomware Computer and Electronics Encryption

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

ARMA International

SEPTEMBER 27, 2021

This means imagining the “art of the possible” for a new future using a cloud computer model to deliver transformative change. This part also discusses managing CS risks such as ransomware, privacy, change management, and user adoption. Finally, Part 3 looks to the future, presents next steps, and discusses key takeaways. Introduction.

Digital transformation

Digital transformation Risk IT Computer and Electronics

Best Digital Forensics Tools & Software for 2021

eSecurity Planet

AUGUST 13, 2021

For everything from minor network infractions to devastating cyberattacks and data privacy troubles , digital forensics software can help clean up the mess and get to the root of what happened. Autopsy is its GUI and a digital forensics platform used widely in public and private computer system investigations to boost TSK’s abilities.

e-Discovery

e-Discovery Computer and Electronics Marketing Compliance

2019 eDiscovery Case Law Year in Review, Part 3

eDiscovery Daily

JANUARY 8, 2020

Today, let’s take a look back at cases related to disputes regarding proportionality vs. relevancy vs. privacy. PROPORTIONALITY vs. RELEVANCY vs. PRIVACY. We grouped those cases into common subject themes and will review them over the next few posts. Perhaps you missed some of these? Now is your chance to catch up!

e-Discovery

e-Discovery Privacy Computer and Electronics Insurance

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

When we do the weekly supermarket shop online, we should be able to move our shopping list electronically. Noble Lords will be familiar with the role of the Information Commissioner, whose role is to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

GDPR

GDPR Personal data Government IT

Speed up digital transformation and data literacy with Data Intelligence Cloud for healthcare

Collibra

MARCH 22, 2022

This was further emphasized at HIMSS 2022 where the spotlight was on the use of cloud computing solutions, artificial intelligence (AI) and the adoption of Fast Health Interoperability (FHIR) to drive transformative changes in healthcare – across telehealth, telemedicine, genomics, precision medicine and value-based care.

Digital transformation

Digital transformation Cloud Healthcare Computer and Electronics

Information Management Today

Maryland Court Finds Coverage for Lost Data and Slow Computers After Ransomware Attack

Security Affairs newsletter Round 463 by Pierluigi Paganini – INTERNATIONAL EDITION

Webinars

Trending Sources

Court Rules Fraud Involving a Computer Is Not ‘Computer Fraud’ under Crime Protection Policy

Webinars

Understanding HIPAA: A Guide to Avoiding Common Violations

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

What IG Professionals Should Know About the Internet of Bodies

The U.S. Office of the Comptroller of the Currency Seeks Comment on Digital Innovation by Banks

HHS Announces HIPAA Settlement with UMass

List of data breaches and cyber attacks in June 2021 – 9.8 million records breached

OCR Enters into Record Settlement with Anthem

German court: monitoring of employees by key logger is not allowed

Fund Managers Targeted in Sophisticated Cyberattacks

Fund Managers Targeted in Sophisticated Cyberattacks

List of data breaches and cyber attacks in December 2020 – 148 million records breached

Me on the Equifax Breach

HHS Announces Settlements with Health Care System and Medical Research Institute over Potential HIPAA Violations

Saudi Arabia’s New Data Protection Law – What you need to know

German DPAs Address a Wide Range of Topics at Annual Conference and Adopt Resolutions

OPC reconsiders its approach to cross-border data transfers with the Equifax decision

Five Steps to HIPAA Security Compliance

Five Steps to HIPAA Security Compliance

Five Steps to HIPAA Security Compliance

Florida Amends Breach Notification Law to Cover Health Data, Tighten Notice Deadline and Require State Regulator Notification

First Ever Multi-State Data Breach Lawsuit Targets Healthcare Provider: Cybersecurity Trends

The Week in Cyber Security and Data Privacy: 26 February – 3 March 2024

2017 eDiscovery Case Law Year in Review, Part 3

2019 end-of-year review part 1: January to June

The Week in Cyber Security and Data Privacy: 22 – 28 January 2024

Happy 13th Birthday, KrebsOnSecurity!

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

Best Digital Forensics Tools & Software for 2021

2019 eDiscovery Case Law Year in Review, Part 3

The debate on the Data Protection Bill in the House of Lords

Speed up digital transformation and data literacy with Data Intelligence Cloud for healthcare

Stay Connected