Written Information Security Program

Subscribe to Written Information Security Program via RSS

A New York Times article earlier this week reported that top officials at the Treasury Department have identified a key area for strengthening data security – third-party service providers. Reuters reported that on Tuesday of this week New York State Department of Financial Services superintendent, Benjamin Lawsky, sent a letter to a number of

While recent legislation has tended to tighten data breach notification requirements (e.g., Florida and California), Assembly Bill 1755 extended the breach notification deadline from five to 15 days for certain healthcare providers. More specifically, according to AB1755 which becomes effective January 1, 2015, the deadline to provide notification of a breach of medical information 

On September 25, a four-year old boy from New Jersey died of Enterovirus D-68, reports myfoxphilly.com. Increasingly, there are reports about potential Ebola cases in the U.S.

Naturally, the spread of infectious disease raises concern for everyone, particularly for healthcare workers who want to do their jobs, and also protect their families. There are

California Governor Jerry Brown signed AB-1710 into law yesterday amending its existing data breach notification statute. The most significant change – companies that experience a data breach must provide information in the notification that if identity theft prevention and mitigation services are provided, they must be provided for at least 12 months to affected persons

When many people think about identity theft and data breaches, they tend to think about credit card data and bank accounts. This makes sense given the large-scale breaches in the news lately. However, Reuters reported last week that medical information is “worth 10 times more than [] credit card number[s] on the black market” a

I recently had the pleasure of speaking to a great group at the Connecticut Assisted Living Association (CALA) about HIPAA and a range of related practical issues. Many covered entities and business associates, particularly those that are small businesses, continue to work on understanding the privacy and security standards, and how to best apply them

In what is believed to be the largest security breach to date, the Associated Press reported that Russian hackers have stolen 1.2 billion user names and passwords. According to the AP, Milwaukee security firm, Hold Security, learned of the breach, but has yet to provide details about the series of website hackings believed to have

As we reported earlier, Florida lawmakers passed extensive revisions to its existing data breach notification law, SB 1524. On June 20, 2014, Florida’s Governor Rick Scott signed the bill into law, which becomes effective on July 1, 2014.

Our earlier post provides more of a discussion about key provisions of the law. But

The last couple of times I passed by the TV to see what the kids were watching, I was surprised not to see Spongebob Squarepants or the Yankee game (Michael and Grace have their separate interests, but they usually can agree on something, at least in the short term). Anyway, they happened to be intently