In mid-March, Utah Governor Spencer Cox signed into law the Cybersecurity Affirmative Defense Act (HB80) (“the Act”), an amendment to Utah’s data breach notification law, creating several affirmative defenses for persons (defined below) facing a cause of action arising out of a breach of system security, and establishing the requirements for asserting such a defense. … Continue Reading
Privacy and cybersecurity risks continue to emerge for organizations large and small. While by no means exhaustive, we briefly discuss some key issues that organizations may need to focus on in 2019 and beyond. Business Email Compromise (BEC)/Email Account Compromise (EAC) – BEC and EAC attacks are widespread and show no sign of slowing in the … Continue Reading
This recent Michigan case makes clear that when handling protected health information, HIPAA is not the only game in town. Health care providers also must consider state law protections which, as this and other courts have held, will trump HIPAA when the state laws are more protective.… Continue Reading
Keystroke logging (or “keylogging”) is the noting (or logging) of the keys struck on a computer keyboard. Typically, this is done secretly, so the keyboard user is unaware his activities are being monitored. Several cases throughout the country have examined an employer’s use of keylogging. Recently, the Criminal Court of the City of New York held … Continue Reading