Feds Say ChangeHealth Can File Breach Notice on Behalf of Doctors After All Changing your mind … is a federal agency’s prerogative, apparently. Normally under HIPAA, it is the doctor or hospital that has to file the breach notice and until this week, that was the fed’s (HHS) position for the ChangeHealth breach. However, smarter […]
Continue reading → [DISPLAY_ACURAX_ICONS]Last month in a bit of a crazed hurry, Congress approved the renewal of Section 702 of the Foreign Intelligence Surveillance Act (FISA). Section 702 came out of 9-11 and our lack of intelligence. I know you can’t use government and intelligence in the same paragraph without laughing, but stick with me. But Congress didn’t […]
Continue reading → [DISPLAY_ACURAX_ICONS]While it seems that some companies continue to be clueless and others get fined (and sued) for delaying reporting breaches, the window (and door) is closing rapidly on that. The SEC says that publicly traded companies have 4 days after determining that a breach is material to file an 8-K to notify investors. DoD contractors […]
Continue reading → [DISPLAY_ACURAX_ICONS]Given the announcement every day of a new breach, that CISO’s confidence is growing is a bit strange. I think it is more how the media is viewing the numbers. 70 percent of surveyed CISOs feel at risk of a material cyber attack over the next 12 months. That is up from 68 percent last […]
Continue reading → [DISPLAY_ACURAX_ICONS]DocuFakes on the Rise Hackers have figured out that anything that you do on autopilot is fertile ground for using to hack you. Case in point is Docusign. For some people, they sign so many docusign documents that they operate on autopilot when they see one. The hackers have really good templates, so that helps. […]
Continue reading → [DISPLAY_ACURAX_ICONS]First it was cybersecurity laws. Then it was breach notification laws. Then first generation privacy laws. Then second generation privacy laws. Now it is AI laws. What is interesting is the velocity. It took over 15 years for all states to have a cybersecurity law. We now have 17 or 18 states that enacted second […]
Continue reading → [DISPLAY_ACURAX_ICONS]