HHS to Launch Cybersecurity Center

The Department of Health and Human Services (HHS) will soon launch a healthcare focused cybersecurity initiative modeled on the Homeland Security Department’s National Cybersecurity and Communications Integration Center (NCCIC).  Christopher Wlaschin, Chief Information Security Officer at HHS, announced this development at the 2017 ACT-IAC Health IT-Mobile Forum on April 20.  According to Wlaschin, the new center, to be called the Health Cybersecurity and Communications Integration Center (HCCIC) would seek to reduce the extensive “noise” in the health care industry about cyber threats and to analyze and “deliver best practices and the two or three things that a small provider,… More

CyberOhio Initiative – An Update from the Ohio AGO

We recently posted on the Ohio Attorney General’s CyberOhio initiative and forecasted that the Ohio Attorney General might be the first of many Attorneys General to join forces with industry in the struggle to protect consumer information.  Ohio Deputy General Counsel Craig Rapp, Director of CyberOhio, contacted our blog not only to agree with our prediction, but also to shed more light on what is transpiring in his state. … More

Boston Bar Association’s Inaugural Privacy and Cybersecurity Conference, May 24, 2017

The Boston Bar Association’s inaugural Privacy and Cybersecurity Conference will be held on May 24.  The conference will bring together attorneys from private practice and in-house legal departments to network and discuss key topics and trends in privacy and cybersecurity.  This full-day conference will cover a wide range of topics from data breach response and litigation to compliance and transactional issues. Panelists will discuss new developments in the legal and regulatory landscape,… More

Is Computer Security Broken?

The Economist certainly thinks computer security is broken (and it’s hard to argue the contrary).  In its April 8 edition, The Economist’s cover story proclaims, “Why computers will never be safe.”  While that’s good news for some of us (at least in the short run), for most of us it’s a daunting proposition.  So how to address the problem?  Do we need more regulation, as The Economist suggests? … More

Trump Meets Xi: Will They Talk Cybersecurity?

President Trump has repeatedly claimed that his predecessor was weak on China. But at least with respect to cybersecurity, the facts don’t support that charge. In 2015, “following all-night negotiations,” Robert Silvers writes, the United States convinced China to sign on to a joint commitment against “cyber enabled theft of intellectual property.” Ever since, China’s hacking of U.S. companies has dropped off dramatically. Next month,… More

U.S. Steel ITC Case Alleging Chinese Government Hacked Its Network and Stole Its Secret Formulas May Be Revived

First, a little background for those unfamiliar with the wonderful world of the International Trade Commission (ITC). 

Section 337 of the Tariff Act of 1930 (19 U.S.C. § 1337) prohibits “unfair methods of competition and unfair acts in the importation of articles … into the Unites States,” including the importation of articles that infringe various types of intellectual property.  Companies can file complaints in the ITC and administrative law judges oversee the investigations. … More

Marijuana and Privacy: A Primer

Legal marijuana is America’s fastest-growing industry. According to ArcView Market Research, cannabis revenue is expected to exceed $22 billion by 2020—nearly double that of the NFL. This past year, Colorado saw its sales reach over $1 billion. Here in Massachusetts, sales are expected to grow to $900 million within three years. Given the nationwide trend toward legalization (at the time of writing,… More

New Mexico, One of the Last Holdouts, Sends Data Breach Notification Law to Governor

New Mexico is one of the few remaining states to not have a law requiring companies to notify consumers when their information is part of a data breach.  This, however, might change very soon.  Last Wednesday, the New Mexico Legislature passed House Bill 15, called the “Data Breach Notification Act,” sending the bill to Governor Susana Martinez for her signature.

Among other things, the act requires companies with personally identifiable information of New Mexico residents to use reasonable security procedures and practices to protect that information. … More

Where Should Broker Dealers Invest Today? Cyber Security Compliance

With cyber security threats on the rise, broker dealers must prioritize protection of electronic investor information.  What cyber security threats exist for broker dealers?  In its 2015 Report on Cyber Security Practices, the Financial Industry Regulatory Authority (FINRA) identified a wide range of actors that may attempt to compromise a broker dealers’ electronic records and functions: (1) cybercriminals seeking to steal; (2) nation states; (3) terrorist groups;… More