October is National Cybersecurity Awareness Month (NCAM). NCAM serves as a timely reminder to continue to assess and improve organizational cybersecurity.
Continue reading “October is National Cybersecurity Awareness Month”
October is National Cybersecurity Awareness Month (NCAM). NCAM serves as a timely reminder to continue to assess and improve organizational cybersecurity.
Continue reading “October is National Cybersecurity Awareness Month”
Elite Dental Associates, Dallas (Elite Dental) and the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) entered into a $10,000 no-fault settlement agreement and two year corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA).
Continue reading “Dental Practice Impermissibly Discloses PHI on Yelp”
On October 1, the U.S. Court of Appeals for the D.C. Circuit released a long awaited decision in Mozilla Corporation v. FCC that largely upheld most aspects of the Federal Communications Commission’s 2018 “Restoring Internet Freedom Order” While FCC Chairman Pai quickly claimed victory, the nearly 200 page decision was in several areas quite critical of the FCC’s process, as well as the agency’s reasoning or the lack of discussion or support in the record for several of the Order’s determinations. Although these defects were not sufficient for the Court to reverse the Order on review, the Court nevertheless agreed with petitioners on several issues, discussed below, and remanded them to the agency for additional consideration.
Bayfront Health – St. Petersburg (Bayfront) and the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) entered into a $85,000 no-fault settlement agreement and one year corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA). This settlement is the first case in HHS-OCR’s Right of Access Initiative (Initiative). The Initiative was open for public comment between December 2018 and February 2019 and received over 1,000 comments.
A recent report by researchers at the Helmholz Center for Information Security (CISPA), Singapore University of Technology and Design, and the University of Oxford has revealed that Bluetooth technology is vulnerable to a new type of hacking which allows for an attacker to carry out data theft on a Bluetooth-enabled device without the user’s knowledge or permission so long as the cyber-criminal is within Bluetooth range of the targeted device.
In a release aptly labeled “A Starting Point for IoT Device Manufacturers” the National Institute of Standards and Technology (NIST), an arm of the Department of Commerce, recently added to the discussion with the publication. NIST sought to provide IoT device manufacturers a better understanding of appropriate cybersecurity features for the vast and constantly proliferating range of IoT devices. NIST’s fundamental purpose is to improve the securitibility of IoT devices and to identify, in general terms, the features that can be designed so that customers can better use them to manage cybersecurity risk profiles.
Continue reading “NIST Unveils IoT Baseline of Core Cybersecurity Features for Comment”