Monthly Archives: April 2016

Top Tips for OCR HIPAA Audit Preparation

Written by Elizabeth Snell | This article was originally published on HealthITSecurity.com

The recently announced OCR HIPAA audits are not a cause for panic, according to experts, especially of organizations have proper documentation.

With the most recent round of OCR HIPAA audits announced just last month, many healthcare organizations are working to ensure that they are prepared should they be called for investigation.… More

EU General Data Protection Regulation Adopted

After years of intense discussions, the EU General Data Protection Regulation (GDPR) was finally adopted on 14 April 2016.

The GDRP sets out uniform new rules in the field of data protection across the EU, rules that will standardize the law in the 28 EU Member States and have an impact on both European and non-European companies. For example:

data controllers (companies collecting and using personal information) will have a wide range of new obligations,…

EU-US Privacy Shield: Working Party Urges European Commission to Improve Current Scheme

After the invalidation of the Safe Harbor by the European Court of Justice (“ECJ”) last October in the Schrems case, negotiations between the European Commission and US authorities led to a new agreement called the EU-US Privacy Shield. However, the EU’s 1995 Data Protection Directive provides that the Article 29 Working Party (“WP29”) has to issue an opinion on this kind of agreements and it did so on April 13.… More

How Hospitals Can Avoid Being the Next Ransomware Victim

Hospitals are increasingly the target of hackers, particularly in the form of “ransomware.” What follows is a primer on ransomware and how to avoid being a target of it.

What is ransomware?

Ransomware is a type of malware that limits users’ access to their computer systems. It functions by locking a user’s system and/or encrypting its files.… More

iPhone Access Gets Attention, ‘Stingrays’ Fly Under The Radar

Previously published in Law360, April 5, 2016. Posted with permission.

While eyes have been peeled on the U.S. Department of Justice’s efforts to obtain a court order to hack the iPhone of one of the San Bernardino killers, garnering far less scrutiny is law enforcement’s more routine use of powerful cellular tracking devices before a defendant is even charged. Called cell-site simulators,… More

Practical Tips to Avoid Being Caught in an IRS Phishing Trap

As a follow-up to our recent discussion of IRS-related phishing attempts, here are a few quick tips to stay out of the phishing traps:

In general, the IRS does not communicate with taxpayers via e-mail, so any time someone receives an e-mail from the “IRS,” they should be suspicious at the outset.
Even if the IRS did correspond with taxpayers via e-mail,…