Tag:

cyber-security

The Quiet Corporate Health Cybersecurity Struggle Playing Out in Plain Sight

Cyberattacks on the healthcare industry have reached a fever pitch. In 2020 alone, there was a drastic increase in healthcare organization cybersecurity breaches. In 2021, the average cost of a healthcare data breach increased by over $2 million to $9.23 million. Healthcare providers continue to be the most targeted industry for cybersecurity breaches, with over ninety-three percent of healthcare organizations experiencing a data breach over the past three years. 306 breaches of unsecured protected health information (“PHI”) impacting 500 or more individuals were reported to the U.S. Department of Health and Human Services (“HHS”) in 2020. Yet healthcare organizations continue to be ill-equipped to handle this growing problem.

Hospitals Across the Country at Serious Risk for Coordinated Ransomware Attacks

The Federal Bureau of Investigation (“FBI”), the Department of Health and Human Services (“HHS”), and the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (“CISA”) recently announced that hackers have been and will continue to target the United States hospitals and health-care providers. These attacks are cyber in nature and often lead to ransomware attacks, data left, and inevitable disruption of health care services when patient information is locked until the ransom can be paid.

Federal Trade Commission: Who is Protecting Your Personal Information in the Digital Age

 As our society evolves over to a more digital world, it is important to take a step back and review what we are putting online. Recently, data breaches have become a common occurrence in our day-to-day lives. In 2016, personal information from about 25 million Uber customers and drivers in the United States. The notorious website for individuals seeking extra marital affairs, Ashley Madison, has itself fallen victim to a data breach. The hacker dumped 9.7 gigabytes of data into/onto the dark web. The data released in the Ashley Madison breach included names, passwords, addresses, and telephone numbers of users who created an account on the site. When data breaches like these happen, the Federal Trade Commission (FTC) steps in to protect the United States consumers by investigating the source of data breaches and prosecuting hackers.

Cybersecurity – Overview of Financial Services Initiatives

The disclosures of major security breaches in 2017 such as Verizon, Equifax, Uber, the National Security Agency and the Transportation Safety Administration increased consumer concern about the safety of their personal and financial data. These disclosures also contributed to renewed Congressional analysis of data security standards in the financial services sector and review of current federal and state regulatory regimes. Insider cyber threats have become security remains a threat as well. In August 2017, the Securities and Exchange Commission (“SEC”) announced insider trading charges against seven individuals who gained access to confidential merger and acquisition data through a technology consultant’s misuse of an investment bank’s new computer system. State actions, governmental agencies and the financial services industry are actively combatting the growth of cyber-security threats.

Data Breaches: How Do We Keep Our Data Safe?

In the last month, multiple large-scale data breaches were reported by various entities, with 3 breaches reported in the past week alone. Unfortunately, even the most well-known entities do not stand a chance against increasing technological abilities of bad actors. Since the Equifax breach in early September, Whole Foods, Sonic, Deloitte and the Securities Exchange Commission, among others, had similar large-scale breaches affecting consumers across the country.

Personal Information Protection Act (“PIPA”): Redefining Cyber-Security & Consumer Protection

Illinois’ Personal Information Protection Act (“PIPA”) became effective on January 1, 2017.  Illinois is just one of many states that recently strengthened their data breach notification systems and created data security laws to enhance protection of personal information.  Like other state provisions, Illinois created stronger safeguards for personal information transmitted electronically.  This act requires that all personal information provided electronically must be encrypted or redacted.  The amendments to PIPA (1) broadened the statute’s definition of personal information; (2) clarified the safe harbor for encryption; (3) addressed required notification to residents after a breach; and (4) established limited exemptions.