Saying it will accelerate complex investigations, the United States and the United Kingdom proposed an historic data exchange agreement. In future, each government will be able to obtain electronic data directly from technology companies in the other country. The governments also say this first of its kind agreement will protect privacy and enhance civil liberties.… Continue Reading
Data protection in Poland now includes an updated “black list” of operations requiring an impact assessment. Another action announces a controversial decision about privacy of license plate numbers. In addition, a data breach manual is available. For fuller analysis see Magdalena Gad-Nowak’s article here in the Data Privacy & Cybersecurity blog.… Continue Reading
On May 31, 2019, the U.S. Attorney for the District of Kansas announced a $250,000 settlement with Coffey Health System, after two whistleblowers filed qui tam suit against Coffey for violations of the False Claims Act. The settlement resolved allegations that Coffey submitted false claims to Medicare and Medicaid pursuant to the Electronic Health Records … Continue Reading
Another example about the costs of lax data security involves a medical imaging company in the U.S. The company did not perform a risk analysis and failed to respond properly when alerted to problems. See the full post here on the Triage blog.… Continue Reading
Recent rulings conflict on whether police can force individuals to unlock their smartphones. The result depends upon where you are located, with differing rulings from Massachusetts and California. Further, there is an international dimension, illustrated by a recent decision from Israel. In short, as described below, the traveler must beware.… Continue Reading
South Africa’s regulator, the Financial Intelligence Centre (“FIC”), oversees receipt and analysis of financial intelligence as well as its dissemination. FIC recently released a booklet that provides “insight on some of the methods criminals use to abuse the financial system.” The booklet provides nine different case studies, including one about rhinoceros poaching.… Continue Reading
Even the best laid plan for data security requires follow through. A cancer center was penalized $4.3 million by the government for failing to complete its encryption plan for devices. The decision is instructive even for companies not specifically required to protect data under government regulation. Tom Zeno and Elliot Golding of Squire Patton Boggs discuss … Continue Reading
In late April, the U.S. Securities and Exchange Commission (SEC) hit Yahoo with a $35 million dollar fine for failing to properly assess and disclose a 2014 data breach that affected more than 500 million user accounts. The case marks the first time the SEC has charged a public company with cybersecurity-related disclosure violations and … Continue Reading