On October 27, 2015 the U.S Senate passed by a vote of 74-21 the Cyber Information Sharing Act of 2015 (CISA). The bill allows government agencies and businesses to share information about cybersecurity threats with one another. Shared information is supposed to consist of “threat indicators” such as technical information about the type of malware used… Continue Reading
There is no shortage of headlines about the massive data breach at the Office of Personnel Management, which reportedly involves about 25 million former and current federal workers, their spouses and those who applied for government background checks. There was also no shortage of headlines this past spring when both the House of Representatives and… Continue Reading
In addition to the near-daily reports of more breaches, new laws and controversial workplace privacy issues, there have been 3 significant developments involving cyber and privacy already in 2013. 1. On January 17, 2013 the Department of Health and Human Services released its final “omnibus” rule in relation to HIPAA, effective March 26, 2013. The… Continue Reading
Predicting the future is a risky business (not entirely unlike insurance) but here are a few of the issues we think will be significant in 2013. 1. Hurricane Sandy: With acknowledgement of the human suffering this disaster caused, we believe it also will impact cyber/privacy and insurance in several ways. First, it should provide a heightened awareness of… Continue Reading
Celeste King was recently quoted by Business Insurance’s Judy Greenwald in her article “Federal cyber legislation could simplify state laws.” The article addresses the need for federal legislation in addition to pitfalls of various state legislation. You can read the article here.
Although Ponemon’s Second Annual Benchmark Study on Patient Privacy and Data Security has shown some improvement for health organizations the overall message is still bleak. The second annual report examines changes from the past year that may have affected privacy and data protection in healthcare organizations. It also looks as how well the healthcare organizations are… Continue Reading
On October 5, 2011 a Congressional Task Force Report was published containing recommendations for handling security issues in four areas: (1) critical infrastructure and incentives; (2) information sharing and public-private partnerships; (3) updating existing cyber security laws; and (4) legal authorities. The general point from the report is that Congress should provide a variety of incentives to encourage… Continue Reading