Partner Colin Zick Speaks to Bloomberg BNA about Cyberthreats and Healthcare Data

Reproduced with permission from Bloomberg Law: Privacy & Data Security, (Jan. 18, 2018). Copyright 2018 by The Bureau of National Affairs, Inc. (800-372-1033) http://www.bna.com

By James Swann

The federal government has identified two new cyberthreats that put patients’ personal data at risk for exposure.

The threats, known as Spectre and Meltdown, exploit a vulnerability in many commercial computer chips underpinning health-care computer networks,… More

Partners Colin Zick and Catherine Muyl to Participate in MassTLC Event Focused on GDPR

Partners Colin Zick and Catherine Muyl will join MassTLC’s CISO and CTO Peer Group Meeting on Tuesday, February 6 to discuss the General Data Protection Regulation.

The fast approaching deadline to comply with GDPR is only months away. There are checklists and guidelines to help companies meet these new regulations, but realistically what must companies prioritize, how do you create these new protocols in your company,… More

Massachusetts Securities Division Files First Complaint Related to Initial Coin Offering

On January 17, 2018, the Massachusetts Securities Division Enforcement Section filed a complaint against the company Caviar and its founder Kirill Bensonoff for violations of the Massachusetts Uniform Securities Act in connection with an ongoing initial coin offering (ICO).

This is Secretary of the Commonwealth William F. Galvin’s first enforcement action related to an ICO. Last month, Secretary Galvin announced that the Massachusetts Securities Division would conduct a sweep of Massachusetts entities engaged in ICOs.… More

The Many Faces of Google’s Arts & Culture App (Except in Illinois and Texas)

Those of our readers who frequent social media may have noticed a newly-popular juxtaposition between selfies and art (or perhaps one should say between selfies and other forms of art)—a feature in the Google Arts & Culture app that matches a user’s selfie to a portrait in Google’s database.

But not every aspiring selfie artist can compare their work with that of the great painters of yesteryear. … More

Settlement Offers Guidance on What “Reasonable” Security Means Under COPPA

The FTC’s COPPA Guidance does an admirable job explaining the basics of what a business needs to do to comply with COPPA, but is vague as to how a business must protect personal information collected from children. The COPPA Guidance requires that a company use “reasonable procedures” to protect such information from unauthorized access or use, but does not explain what “reasonable procedures” means. This is,… More

Recent Federal Legislation Demonstrates Growing Federal Interest in Blockchain for Cybersecurity

Recent federal legislation indicates a growing federal interest in blockchain as a potentially integral technology in cybersecurity systems. This comes on the heels of recent legislation in the New York Assembly also suggesting state level interest in blockchain.

On December 12th, H.R. 2810, the “National Defense Authorization Act for Fiscal Year 2018,” was signed into law. This law was, first and foremost,… More

South Korean Cryptocurrency Exchange Hacked (Again)

As part of our Year in Preview series, we’ve recently covered both international cyberwar and the rise of cryptocurrency.  Just before the holidays, both of these topics collided in a decidedly unpleasant manner.

On December 19, the South Korean cryptocurrency exchange Youbit filed for bankruptcy, disclosing that it had just suffered a hack that made off with about one fifth of the bitcoins stored on its platform. … More

Recent New York Legislation Demonstrates Growing Governmental Interest in the Use of Blockchain for Cybersecurity

Recent legislation in the New York State Assembly reflects a growing governmental interest in blockchain as a  technology in cybersecurity systems.  On November 27, four different bills addressing blockchain technologies were introduced into the New York State Assembly. Most significant among these is Assembly Bill 8793, which would establish a task force to study and report on the potential implementation of blockchain technology in state record keeping,… More

Colin Zick Discusses GDPR Compliance with Enterprise.nxt

With enforcement set to begin in May 2018, organizations around the world must be ready to comply with the European Union’s General Data Protection Regulation (GDPR). Partner Colin Zick discusses 10 things you need to know now with Enterprise.nxt.

Avoid GDPR non-compliance fines with this list of things to consider and plan for before the fast-approaching deadline. Click here to read more.… More

Friday Blog Round-Up

In case you missed it:

  • We wrapped up our “Year in Preview” series with deep dives into international law and cyber warfare, financial institutions and the SEC, and cryptocurrencies and blockchain.  Each of the nine articles in this series is worth reading on its own, and taken together all will give you a broad view into cybersecurity and data privacy trends in the coming year.
  • The Advanced Cyber Security Center released its report on cybersecurity concerns of Massachusetts residents post-Equifax.  (Spoiler:  about 2/3 of respondents say they won’t do business with an entity that’s been breached.)
  • In crytopcurrency news, the Massachusetts Securities Division announced that it’s going to examine Massachusetts entities engaged in initial coin offerings.  Increased ICO enforcement from multiple authorities is an important trend to watch.
  • DHS pledged it would “intervene directly” in cyberattacks against private industry.  Cause for comfort or concern?
  • And an OIG report faults HHS as being rife with cybersecurity vulnerabilities.  Perhaps the old adage is apt:  “Physician, heal thyself.”

Happy holidays!