Monthly Archives: July 2022

Federal Agencies Issue Alert Regarding Maui Ransomware

On July 7, 2022, three federal agencies – the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency, and the Department of the Treasury – issued a joint alert regarding Maui Ransomware, which has been linked to ransomware attacks on healthcare and public health entities carried out by North Korean state-sponsored cyber actors.

These are the key recommendations of the alert:

  • Since at least May 2021,…
  • More

Anonymization v. De-Identification, Post-Dobbs; Rumblings from the FTC

When is personal data “anonymized”?  The answer to this question has largely been based on jurisdiction.  If your business is in the U.S., so long as HIPAA or the CCPA does not govern, then generally aggregated or de-identified data could often be considered “anonymized” for legal compliance purposes.  (Both HIPAA and the CCPA have specific requirements for what counts as “de-identified” data.)  Under the GDPR, the story has been much more complicated:  merely “de-identified”… More