cyber security

Subscribe to cyber security
Health-law-Privacy

On February 1, 2023, the FTC announced a proposed $1.5 million settlement with GoodRx Holdings, based on alleged violations of the Federal Trade Commission Act (“FTC Act”) and Health Breach Notification Rule (“HBNR”) for using advertising technologies on its websites and mobile app that resulted in the unauthorized disclosure of consumers’ personal and health information to advertisers and other third parties. On the same day, the U.S. Department of Justice, acting on behalf of the FTC, filed a Complaint and Proposed Stipulated Order detailing the FTC’s allegations and the terms of the proposed settlement. 

Continue Reading FTC Brings Enforcement Action Under FTC Act and Health Breach Notification Rule Based on GoodRx’s Use of Advertising Tracking Technology on Its Websites and Mobile Application

Health-law-Privacy

On March 15, 2022, President Biden signed into law the 2022 Consolidated Appropriations Act containing the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the “Cyber Incident Reporting Act”). While President Biden’s remarks highlighted the $13.6 billion in funding “to address Russia’s invasion of Ukraine and the impact on surrounding countries,” the 2022 Consolidated Appropriations Act contained numerous other laws, including the Cyber Incident Reporting Act, which should not be overlooked. The Cyber Incident Reporting Act puts in motion important new cybersecurity reporting requirements that will likely apply to businesses in almost every major sector of the economy, including health care, financial services, energy, transportation and commercial facilities. Critical infrastructure entities should monitor the upcoming rule-making by the Cybersecurity and Infrastructure Security Agency (“CISA”), as the final regulations will clarify the scope and application of the new law.

Continue Reading President Biden Signs into Law the Cyber Incident Reporting Act, Imposing Reporting Requirements for Cyber Incidents and Ransomware Payments

shutterstock_641443576

Ransomware basics

Ransomware is a serious form of cyber extortion that employs malware to prevent users from accessing their systems or data, either by locking the system or encrypting critical files until a ransom is paid. The hacker holds the key to unlock the system and usually demands payment in cryptocurrency.

Ransomware has been a

By: Alaap Shah and Marshall Jackson

Data is going digital, devices are going mobile, and technology is revolutionizing how care is delivered.  It seems to be business as usual, as your health care organization continues to digitize its operations.  You have even taken measures to help guard against the “typical” risks such as lost laptops,