Monthly Archives: December 2017

OIG Report Reveals HHS Cybersecurity Vulnerabilities

On December 19, the US Department of Health and Human Services’ (HHS) Office of the Inspector General (OIG) released a report indicating continued cybersecurity vulnerabilities among HHS’ four operating divisions based on FY 2016 penetration testing.  According to the report, OIG “determined that security controls across the four HHS OPDIVs needed improvement to more effectively detect and prevent certain cyberattacks” and “identified configuration management and access control vulnerabilities.”

OIG provided HHS with a restricted “rollup” report of the four operating divisions,…

DHS Amplifies Call for Public-Private Partnership in Cyberdefense and Pledges to “Intervene Directly”

The worldwide WannaCry attack from May 2017 has been officially blamed on North Korea.  In a press briefing publicly announcing the Administration’s declaration of North Korean culpability, the Department of Homeland Security continued to note the importance of public-private partnership in cyberdefense.  While such collaboration (and desire for collaboration) is not new, the press briefing did appear to call for a newfound emphasis on the need for the government to work together with private companies. …

Massachusetts Announces ICO Sweep

The Massachusetts Securities Division has announced that it will conduct an exam sweep of Massachusetts entities engaged in initial coin offerings (ICOs).

In the announcement, released on Friday, Massachusetts Secretary of the Commonwealth William Galvin said that he views ICOs as securities that must be registered with the state.

“Blockchain may or may not change the way banks transfer money or the way credit payments are made,…

Friday Blog Round-Up

In case you missed it . . .

  • This week we continued our multi-part Year in Preview series, with a deep dive into the privacy issues relating to educational institutions.  We’ll be publishing soon on international law and cyberwar.
  • We had some reactions to the FCC’s decision to end net neutrality.  (Spoiler:  it’s a decidedly mixed bag on the cybersecurity front,…

FCC and Net Neutrality — Some Predictions about the Fallout

The end of net neutrality — for now — is big news, because it’s a big deal; there’s just no getting around the fact that the way consumers experience the internet is going to change.  What are some of the practical consequences?

On cybersecurity, it’s not at all obvious what the effect will be.  Essentially, slowing down, speeding up, or blocking traffic can be both good and bad. …

SEC’s Cyber Unit Takes Aim at ICOs

For the second time in less than a month (click here for a prior enforcement action), the SEC’s newly created Cyber Unit has shut down an initial coin offering (ICO).  This time the ICO was for Munchee, Inc., a California-based developer of an iPhone application for people to review restaurant meals.  The recent enforcement activity follows several policy statements and warnings regarding ICOs.  …

Privacy Shield: Article 29 Working Party Calls Upon the European Commission and US Authorities to Restart Discussions

On November 28, 2017, the EU’s Article 29 Working Party issued its report on the First Annual Joint Review of the EU-US Privacy Shield, which was conducted on September 18-19, 2017.

In this 38-page report, the WP analyzed the Privacy Shield’s commercial and government aspects (as it did in its earlier opinion, issued in April 2016 when the Privacy Shield was still a draft;…

Cybersecurity 2018 – The Year In Preview: State Enforcement Trends

Editors’ Note:  This is the fourth in a multi-part end-of-year series examining important trends in data privacy and cybersecurity during the coming year.  Previous installments include analyses of HIPAA compliance, emerging security threats, and federal enforcement trends.  Up next:  a look at biometrics.

As state Attorneys General continue to flex their muscles in response to serious data security lapses nationwide,…