December 2017 – InfoHive

Lege TREND. Bills Protecting Health Care Data in 2 States.

Maryland HB 974 (2017)

Includes all HIPPA information in the defintion of personal information for state data breach law purposes
The bill also protects Biometric data, such as fingerprints, voice prints, and genetic prints

Delaware HB 180 (2017)

Includes medical history in the defintion of personal information
Requires “any person who conducts business in Delaware and maintains personal information must safeguard that information.”
Requires health insurance information to be protected
Es…

Legal Trend. Data Breach Liability for Employers

A UK court found that an employer, that had taken appropriate measures to prevent a data breach, can be held vicariously liable for a data breach when an employee:

deliberately misused the data
intended to cause damage to the employer by misuing the data

Bonjour U.S. State Legislators- daat security liability issues should be in your radar.

Lexology | Employer held vicariously liable for employee’s deliberate data breach

WM Morrison’s Supermarket PLC | England and Wales High Court (Queen’s…

Regulatory TREND. Imposing Data Security on Credit Reporting Agencies. Read the new Rules from NY

New York’s new rules on credit reporting agencies will do these 4 things:

Require consumer credit-reporting agencies to identify “dedicated points of contact” for New York’s Division of Consumer Protection
- WHY? Ensure consumers can promptly get answers
Mandate that credit-reporting agencies respond “within 10 days” to any requests for information made on behalf of consumers by the Division of Consumer Protection
Credit reporting agencies must “plainly disclose” to consumers all fees…

3 Ways The Los Angeles Cyber Center is a Model for Cities

What standards did Los Angeles use in crafting its Cyber Center? Federal Government and industry Standards

The key to the city Cyber Center? integrated strategic operations center

What does the integrated strategic operations center do?

“processes cyber threat information from the Homeland Security Department, the FBI and various private sector and non-profit sources and feeds it out to its member operations centers and to city departments”

How does this help unify cyber protections…

State Attorney Generals Raise 3 Issues in Suing Over Net Neutrality Rule

The FCC overturns net neutrality rules and Attorneys General of New York and Washington announce their lawsuit raising these 3 concerns:

FCC’s net neutrality repeal harms consumers
FCC’s net neutrality repeal harms small business
FCC’s net neutrality repeal harms innovation

The Attorney General of Washington State notes that he is 5-0 in his lawsuits against the Trump administration.

The Hill | Washington AG to sue over net neutrality repeal

6 Data Security Policy Trends in 2018

Policies to improve data security workforce
Liability policy for businesses that utilize 3rd parties to manage and mitigate security incidents and challenges
Policies to encourage more women in data security workforce
Liability and notification requirements when comapnies utilize automated security security tools
Policies that Support Awareness and Training of existing workforce
Policies that ecourage businesses to maintain a base level of data security and notification requirements

Hea…

Data Security Legislation is a Driver to Increase Data Security Insurance.

Progressive Market’s analysis lists 3 drivers for an increased demand in cyber insurace/data security insurance including:

legislation on data security
growing number of cyber-attacks which have led to great losses for organizations worldwide
rise in awareness of different cyber risks
Digital Journal | Cyber Insurance Industry Will Be the Next Big Thing in 2018