On December 28, 2018, the Department of Health and Human Services (HHS) issued new voluntary cybersecurity guidance for the health care industry titled, “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients.” This … [Read more] about HHS Releases New “Health Industry Cybersecurity Practices”
Michigan enacted the Michigan Data Security Act on December 28, 2018, imposing stringent cybersecurity measures on any person (individual or corporate) licensed by the Michigan Department of Insurance and Financial Services. Based on the 2017 NAIC … [Read more] about Michigan Enacts Insurance Data Security Model Law
South Carolina’s prescriptive data security law for insurers took effect on January 1, 2019. Subject to specified exemptions, the law requires any person licensed pursuant to South Carolina insurance laws to take certain steps, including among other … [Read more] about South Carolina Insurance Data Security Law Now Effective
The Department of Commerce recently issued a number of FAQs on the effect of the UK’s impending exit from the EU on the Privacy Shield. As these FAQs make clear, there remains significant uncertainty as to how the UK’s exit will play out from a … [Read more] about Department of Commerce Issues FAQs on UK’s Exit from the EU
On December 20, 2018, the Department of Justice and the FBI announced the indictment of two Chinese hackers, Zhu Hua and Zhang Shilong, who have been charged in a years-long global hacking campaign that resulted in the theft of sensitive information … [Read more] about DOJ Announces Indictment of Chinese Hackers