As the Biden administration begins detailing its regulatory and enforcement priorities, it faces a new challenge on the health data privacy and security front. In University of Texas M.D. Anderson Cancer Center v. United States Department of Health … [Read more] about Fifth Circuit Decision Raises Cyber Enforcement Complications for the U.S. Department of Health and Human Services
Both houses of Virginia’s legislature recently passed the Virginia Consumer Data Protection Act (S.B. 1392; H.B. 2307) (the “VCDPA”). If approved by the state governor, the VCDPA would become the United States’ second comprehensive state privacy law … [Read more] about Virginia Ready to Pass First State Privacy Statute after CCPA
When a controller engages a processor, the GDPR requires that the parties enter into a specific contract that contains certain mandatory provisions. This contract is often referred to as a ‘data processing agreement’ or ‘DPA’. To facilitate … [Read more] about The EDPB-EDPS Joint Opinion on Data Processing Standard Contractual Clauses: Key Takeaways
On January 27 and 28, 2021, the U.S. Department of Justice (DOJ) announced two successful operations to disrupt two different strains of malware, Netwalker ransomware and a banking Trojan known as Emotet, which have affected victims around the globe … [Read more] about U.S. Takes Part in Multinational Efforts to Disrupt Netwalker Ransomware and Emotet Malware
On January 5, 2021, the president signed into law H.R. 7898, an Act that amends the Health Information Technology for Economic and Clinical Health (HITECH) Act to require the Secretary of Health and Human Services (HHS) to consider specific … [Read more] about New Law Requires HHS to Consider Recognized Security Practices as Mitigating Factor When Determining Penalties