It is not uncommon for employers to assign badges to their employees to grant access to certain locations on the employer’s property and parking garages. Many employees have them, use them, lose them and think little of them. But, badges made by Humanyze are so much more, raising concerns from privacy advocates and others. According
DFS’ Proposed Cybersecurity Regulation Edges Closer to Becoming Final Following Public Hearing
The New York State Assembly Committee on Banks held a public hearing on December 19, 2016, receiving testimony about both the benefits and challenges of a recently proposed regulation to address the growing threat posed by cyber-attacks on banks, insurance companies and most other entities which are regulated by the Department of Financial Services (DFS).
FTC Joins Other Agencies In Warning Organizations About Ransomware
Earlier this month, the Federal Trade Commission (FTC) blogged about How to defend against ransomware, and published Ransomware – A Closer Look in the “Tips and Advice” section of its website. This follows warnings from other federal agencies and law enforcement concerning this serious online threat to organizations, such as Dept. of Health and
Cyber Security Awareness Needs To Last Beyond October
The U.S. Department of Homeland Security (DHS) has designed October as National Cyber Security Awareness Month. But as we leave October, remember that data security is an ongoing challenge that requires continued vigilance not just from information system hacking, but also from employee error and other threats. Setting up a comprehensive training and awareness program
HHS Issues Cloud Computing Guidance Which Is Helpful To All Users of Cloud Services
Last week, the Department of Health and Human Services’ Office for Civil Rights (OCR) provided guidance for HIPAA covered entities and business associates that use or want to use cloud computing services involving protected health information (PHI). Covered entities and business associates seeking cloud services often have many concerns regarding HIPAA compliance, and this
New York State Proposes Cybersecurity Regulation Impacting Banks, Insurance Companies & Other Financial Services Institutions
New York Governor Andrew M. Cuomo announced yesterday a new proposed regulation to address the growing threat posed by cyber-attacks. According to the State’s press release, the proposed regulation, which is subject to a 45-day notice and public comment period before final issuance, “aims 
to protect consumer data and financial systems from terrorist organizations and
Colorado Law Grants Employees Right to Access Personnel Files
Beginning January 1, 2017, employees in Colorado will now have a right to inspect and copy their personnel files. Prior to this law, Colorado had no law granting private-sector employees access to their personnel records.
Under the new law, upon a current employee’s request, an employer must allow that employee to inspect and obtain
EU, U.S. Agree On Revisions To Privacy Shield
According to reports, the European Union and the United States have agreed on changes to the EU-U.S. Privacy Shield (Privacy Shield) which will be sent to the EU member states and the college of the 28 EU commissioners ultimately paving the way for final approval early next month. “We have agreed on the changes
5 Practice Tips for Law Firms as Data Breach Spotlight Swings Their Way
While data breach incidents affecting the entertainment, retail, healthcare, and financial industries have garnered more attention in past years, the data breach spotlight recently shifted to law firms.
This shift was triggered by media coverage of the breach and leak of the Panama Papers, and by reports that, in 2015, hackers breached the networks
Nebraska Amends Data Breach Notification Law
On April 13, 2016, Nebraska’s breach notification statute was amended when Governor Pete Ricketts signed LB835 into law. The Amendment included a variety of changes, including a regulator notification requirement and broadens the definition of “personal information” in the state data breach notification statute, Neb. Rev. Stat. §87-802 – 87-804. These amendments become effective on