Due to the COVID-19 pandemic, 42 states, Puerto Rico and the District of Columbia have adopted shelter-in-place or similar orders. As a result, more employees than ever before are working from home. This sudden increase in telework has created new challenges for employers, including balancing the need to protect their trade secrets and confidential information,
Update: Coronavirus Cyberscams and Other Attacks – Scammers Are Still at It
The global coronavirus pandemic continues on, and the cyberattacks and scams continue to multiply. In the midst of the pandemic, hackers are capitalizing on fears surrounding the outbreak by crafting COVID-19-themed attacks aimed at infecting computers with malware or obtaining sensitive, personal information. Below are some of the latest examples of attacks and vulnerabilities to
Three Cybersecurity and Privacy Recommendations When Navigating COVID-19
While businesses grapple with the COVID-19 crisis, data privacy and data security regulation remains a pressing concern. Some significant state laws regarding data privacy and security have gone into effect in 2020, such as the California Consumer Privacy Act (“CCPA”) (effective January 1, 2020) and the New York Stop Hacks and Improve Electronic Data Security
California Attorney General: CCPA Enforcement on Schedule Despite COVID-19
COVID-19 is delaying just about everything these days—except the CCPA.
In letters submitted on March 17 and March 20, a coalition of nearly sixty business and organizations called on California Attorney General Xavier Becerra to temporarily defer CCPA enforcement by six months to January 2, 2021 due to COVID-19. The coalition, which spans a range
Cybersecurity and Infrastructure Security Agency Issues Initial Guidance on Essential Workers, Sectors
As many industries transition to alternate working arrangements in response to COVID-19, certain sectors and functions essential to the nation’s public health, safety and community well-being must continue to operate. The Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security recently released an initial list of “Essential Critical Infrastructure Workers” to help
Small Businesses Are Not Safe from Big HIPAA Liability
In the first published enforcement action of 2020, a gastroenterology practice in Ogden, Utah, has agreed to pay a $100,000 settlement to the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) for alleged violations of the Health Insurance Portability and Accountability Act (“HIPAA”) Security Rule.
According to the Resolution Agreement entered
Industry Insight: The CCPA’s Elusive “Reasonable Security” Safe Harbor
“[P]rivacy legislation should have some kind of safe harbor provision in it so that companies understand that if they take certain steps, what they are doing is consistent with the law.” Karen Zacharia, Chief Privacy Officer at Verizon
The California Consumer Privacy Act (CCPA) provides unparalleled rights for California residents with regard to data privacy.
Trends in Student Data Privacy
Across the country, school districts use technology to facilitate learning and assist in classroom management. From tracking grades and communicating with parents to monitoring bathroom breaks, technology is everywhere in our schools. But as technology becomes more prevalent in the classroom, what does that mean for student data privacy?
Federal Laws Governing Student Data Privacy
Effective Incident Response Requires Good Cyber Exercise—Is Your Company in Shape?
For years, corporate boards have hired third-party companies to conduct financial audits to assure that there is no fraud or other breaches of fiduciary responsibility by management. Cyber risks should be managed similarly. Who can thoroughly evaluate whether management is prepared to protect the company when its systems are attacked or when a data breach
Technology Continues to Outflank Health Information Anonymization
A recent letter from researchers at the Mayo Clinic to the editor of The New England Journal of Medicine outlined a new challenge in de-identifying, or preserving the de-identified nature of, research and medical records.[1] The Mayo Clinic researchers described their successful use of commercially available facial recognition software to match the digitally