OCIE’s most recent Risk Alert, published Sept. 15, 2020, address another cybersecurity issue, this time highlighting the dangers of “credential stuffing.” Credential stuffing is a method of cyberattack that uses compromised client login credentials and can lead to loss of customer assets and the disclosure of confidential or other personal information. Hackers will obtain groups or lists of usernames, email addresses, and their passwords from sellers on the dark web ...
Not only are healthcare providers under attack in the daily battle against the coronavirus, criminal actors are quickly taking advantage of relaxed HIPAA enforcement and standards, teleworking and the general intensity of the situation to exploit patient and other confidential information ...
The Department of Health and Human Services Office of Civil Rights (OCR) Spring 2019 Cybersecurity Newsletter includes new recommendations regarding how HIPAA covered entities can prepare to defend against cybersecurity attacks such as advanced persistent threats (APTs) and zero-day vulnerabilities ...
As if businesses did not have enough to worry about during this COVID-19 pandemic, it’s times like these when cybersecurity risk is at its peak. Distracted employees may be psychologically vulnerable to attack, and shifting quickly and unexpectedly to a remote workforce can create technology and control risks. It’s a perfect storm for cyber risk ...
Senate Bill 273 goes into effect on March 20, 2019, and creates new requirements for Ohio insurance companies, including health insurance plans, to develop and implement specific information security programs to safeguard nonpublic business and personal information. Senate Bill 273 is based upon the National Association of Insurance Commissioners’ Insurance Data Security Model Law (also referred to as "MDL-668") ...
Prior to the onset of the COVID-19 pandemic, the use of telehealth across Ohio and the United States was steadily increasing. However, out of necessity over the last two years, telehealth has expanded exponentially in order to reduce risks of COVID-19 transmission to practitioners and patients alike. Nearly overnight, the health care community was forced to change the way services were accessed, delivered, and received ...
On 14 March 2021, the law of 5 March 2021 on certain rules for the implementation of Regulation (EU) No 2019/1150 of the European Parliament and of the Council of 20 June 2019 on promoting fairness and transparency for business users of online intermediation services (the “P2B Regulation”) (hereinafter the “Law”) entered into force ...
November 16, 2022 By: William Miller, Anne Marie Ellis, and David DeBerry On August 1, 2022, the California Court of Appeals issued the decision in Martinez v. Cot’n Wash, Inc. (2022) 81 Cal.App.5th 1026 [297 Cal.Rptr.3d 712]. In Martinez, the plaintiff claimed that Cot’n Wash’s website (dropps.com) was inaccessible because it did not comply with the Web Content Accessibility Guidelines (WCAG) 2.1 ...
The online retail sector has seen a considerable increase in intervention by the competition authorities both on a national level and in Brussels. Most recently, in December 2018, the European Commission fined the clothing company Guess € 39.8 million for applying online sales and advertising restrictions ...
On 26 October 2023 the Online Safety Act (‘the Act’) received Royal Assent, enacting rules designed to, in the UK government’s words, make the UK the safest place in the world to be online ...
The Online Safety Act 2023 (the "OSA") became law on 26 October 2023 and will affect over 100,000 organisations. Here, we focus specifically on the overlaps between the OSA and data protection legislation, outlining the synergies (and differences) in key areas, together with some practical tips. This firm has been a consistent source of commentary and practical guidance on the new Online Safety Act 2023 (the ‘OSA’) ...
The Online Safety Bill is to be amended to include an offence for officers or senior managers of key tech companies who fail to comply with duties to protect children online. As currently drafted, the offence will apply to senior managers and officers (or those purporting to fulfil such functions) of "user-to-user services" (better known as social media sites, but they could include many online businesses, including forums, online gaming sites and cloud storage providers) ...
Many companies use so-called tracking tools on their website to analyze the use of the website by their visitors, and possibly also to carry out advertising activities on the basis of user profiles created with the tracking tools. These tracking tools mainly use cookies, i.e. small files that can identify a user of a website and that are deposited on the respective user's computer ...
The Bavarian Data Protection Authority ("BayLDA") has published an online test on its website that can be used by companies to determine how well they are prepared on key topics of the General Data Protection Regulation ("GDPR"). The GDPR will apply directly in the member states of the European Union with effect from May 25, 2018. This will result in significant changes to data protection law in many areas ...
Brenna K. Legaard is a registered patent attorney with Schwabe, Williamson & Wyatt. Legaard wrote the following op-ed on the use of blockchain technology in health care. When health care professionals and consumers think of blockchain, their minds very likely go to famous cryptocurrencies like Bitcoin. But blockchain technology can be applied to so much more, including to the field of health care ...
Smart buildings offer individuals, businesses and even cities better and more efficient ambient experiences. However, the connected technologies that make buildings “smart” tend to require processing massive amounts of data inputs, often including personal information ...
Open source software ("OSS") is quickly entering the mainstream and becoming increasingly widely used. In fact International Data Group analysts have predicted that the OSS marketplace will be worth £35 billion by 2008. OSS is software that is freely available (without discrimination) and can be copied, modified and redistributed ...
In principle, the author of a work protected by copyright has an exclusive right to reproduce or copy it. In Austria, however, anyone has the right to make copies of such works for private use. Originally, the legislator had scenarios in mind where people recorded music from the radio with their stereo system and a blank tape cassette, or recorded films via a video recorder. Collecting societies collect a levy as compensation for this private copying right ...
In El Salvador, the Bitcoin Law was approved by the Legislative Assembly and published in the Official Gazette last June 9th of this year, establishing avacatio legisof ninety days from its publication; in that sense, its entry into force is scheduled for next September 7th ...
The hacker group Anonymous announced that it, in concert with Middle East- and North Africa-based criminal hackers and cyber actors, will conduct a coordinated online attack labeled “OpUSA” against banking and government websites today, May 7. Anonymous stated that OpUSA will be a distributed denial of service (DDoS) in which websites may be defaced and legitimate users may be unable to access websites ...
Since the GDPR has been in force, almost every company has, among other things, dealt with issues of the permissibility of direct marketing and other marketing activities under data protection law. At their data protection conference on Nov. 07-08, 2018, the German data protection supervisory authorities issued a new "orientation guide" on this topic (as of November 2018) ...
Shoosmiths litigation team recently hosted a roundtable discussion with senior inhouse lawyers with clients in financial services, technology and the automotive sectors. In this discussion, each participant discussed their key takeaways from our recent Litigation risk 2024 report, their biggest concerns for the year ahead and identified some areas that need further exploration in 2025 and beyond. AI continues to create uncertainty making it a key litigation risk ...
On November 23, 2023, the State Council published theOfficial Reply of the State Council on the Work Plan for Supporting Beijing in Promoting the Construction of a Comprehensive Demonstration Zone for Further Opening up the National Service Sector(the "Reply") ...
PSD2 came into effect in the European Union on January 13, 2018. PSD2 is important as it aims to further harmonise the EU payments market and break the banks' de facto monopoly on the provision of payment services and the use of their customer data. Below is a review of developments to date as they relate to transposing PSD2 into Norwegian law, including an update on the most recent developments ...
