Imagine you have completed your HIPAA risk assessment and implemented a robust privacy and security plan designed to meet each criteria of the Omnibus Rule.
With OpenSSL Compromised by Heartbleed, an Opportunity for Companies to Diversify Cyber Security Efforts
The recent discovery of the “Heartbleed” online bug has sent shockwaves through the internet, causing companies and individuals alike to question very basic assumptions about cyber security.
The European Parliament has voted emphatically in support of a report produced by its Civil Liberties, Justice and Home Affairs Committee (LIBE) on the mass surveillance undertaken by the U.S. National Security Agency (NSA) and EU Member States.In doing so, the Parliament has called for the immediate suspension of the EU-U.S. Safe Harbor scheme, pending a review of how the scheme is conducted.
A decision from the U.S. District Court for the District of New Jersey last week affirmed the Federal Trade Commission’s assertion of authority to prosecute data security breaches under Section 5 of the Federal Trade Commission Act.
Last week was certainly the “week of the Heartbleed.” Unless you have been on vacation on a remote island (and if so, good for you!), you have heard and read much about the latest mass bug to infect the Internet.
Wisconsin enacted a new law on April 8, 2014 prohibiting employers, educational institutions, and landlords from requesting or requiring access to personal Internet accounts.
The short answer to this question is that the SEC and FINRA care. Both regulators have made this issue an exam priority for the year, and it was recently a focus of an SEC roundtable.
A report that the NSA regularly used the Heartbleed bug for years “to gather critical intelligence” but kept “the bug secret in pursuit of national security interests threatens to renew the rancorous debate over the role of the government’s top computer experts” according to Bloomberg News.
Kentucky Gov. Steve Beshear signed H.R. 232 on April 10, 2014, making the Commonwealth the 47th state to enact a data breach notification law.
On April 10, 2014, the U.S. Department of Justice (“DOJ”) and the Federal Trade Commission (“FTC”) issued a joint “Antitrust Policy Statement on Sharing of Cybersecurity Information.”