OCR Settles HIPAA Security Rule Enforcement Action with Heritage Valley Health System Stemming from Ransomware Attack

On July 2, 2024, the U.S. Department of Health and Human Services' Office for Civil Rights (OCR) announced a settlement with Heritage Valley Health System (Heritage Valley), a healthcare provider operating in Pennsylvania, Ohio, and West Virginia. This is the OCR's third ransomware settlement and is based on allegations of potential violations of the Health …

Continue reading "OCR Settles HIPAA Security Rule Enforcement Action with Heritage Valley Health System Stemming from Ransomware Attack"

Texas Attorney General Launches Major AI, Data Privacy, and Security Initiative

FOR IMMEDIATE RELEASEJune 4, 2024www.texasattorneygeneral.govPRESS OFFICE: (512) 463-2050Communications@oag.texas.gov Attorney General Ken Paxton Launches Data Privacy and Security Initiative to Protect Texans’ Sensitive Data from Illegal Exploitation by Tech, AI, and Other Companies  AUSTIN – Texas Attorney General Ken Paxton has launched a major data privacy and security initiative, establishing a team that is focused on aggressive …

Continue reading "Texas Attorney General Launches Major AI, Data Privacy, and Security Initiative"

Counseling Clients on Managing the Risks of Artificial Intelligence – Texas Bar Journal

I would like to say a big ole Texas-sized "Thank You" to the Texas Bar Journal for publishing Legal Reasoning: Counseling Clients on Managing the Risks of Artificial Intelligence, in the May 2024 issue of the Journal. I wrote this article along with my colleague Kristen Petry, whose work was invaluable in the preparation of …

Continue reading "Counseling Clients on Managing the Risks of Artificial Intelligence – Texas Bar Journal"

Discussion on Cyber Security and Cyber Law Identity Governance Matters for #AuditTuesday Show

It was great to be a guest on the YouAttest #AuditTuesday show to talk about Cybersecurity and Cyber Law Identity Governance Matters. If you enjoyed this video, please join the discussion here on LinkedIn! https://youtu.be/wwEphvc7mN4?si=fa5yRK1dKUQAqIpO

Texas Bar Journal 2023 Cybersecurity & Data Privacy Year in Review

I am happy that I was able to provide the Texas Bar Journal’s 2023: The Year In Review - Cybersecurity & Data Privacy Update which addressed the following issues: how the Texas "hacking laws" and issue of "consent" impact the discovery of evidence of child pornography whether sending a malicious phishing email violates "hacking laws" …

Continue reading "Texas Bar Journal 2023 Cybersecurity & Data Privacy Year in Review"

Neural Privacy is Where It’s At — Brain Scanning Technology is Causing States to Look at Protecting the Privacy of Our Thoughts

UPDATES 2024.03.15 Neuralink is now being used to play chess! https://www.youtube.com/watch?v=LfwzfP8cp3A This morning I read an article about how brain scanning technology is causing Colorado and Minnesota to propose legislation that is aimed at establishing rights and protections for information collected from our thoughts through the neural signals that can be scanned and collected from …

Continue reading "Neural Privacy is Where It’s At — Brain Scanning Technology is Causing States to Look at Protecting the Privacy of Our Thoughts"

Microsoft — Yep, You Read That Right, Microsoft — Just Got Hit With a Successful Cyber Attack! What Does this Mean for Your Company?

"There is no such thing as 'secure' when it comes to cybersecurity." "The odds in cybersecurity are impossible -- those defending have to get it right 100% of the time and those attacking only need one lucky shot." These are a few of the sayings that I have used throughout the years when trying to …

Continue reading "Microsoft — Yep, You Read That Right, Microsoft — Just Got Hit With a Successful Cyber Attack! What Does this Mean for Your Company?"

How to Implement Cybersecurity Insurance for Small and Medium/Large Organizations – HHS 405(d) Resource

HHS 405(d) is an excellent resource that provides cybersecurity and cyber risk guidance for not only healthcare organizations, but all organizations. HHS 405(d) released the following resource for cyber insurance. Before getting to the resource, however, there are two critical things you must know about cyber insurance: Your organization must have it. For incident response …

Continue reading "How to Implement Cybersecurity Insurance for Small and Medium/Large Organizations – HHS 405(d) Resource"

Beware of Holiday Gift Card Scam that Could Steal Your Money, Shawn Tuma Discusses Tips to Protect Yourself

There is a trending scam of stealing funds from gift cards purchased in stores where criminals replace original gift cards with nearly-perfectly doctored cards that have been tampered with by having the barcodes changed to transfer the money intended to go on the gift card to other accounts controlled by the criminals. "Steal the originals, …

Continue reading "Beware of Holiday Gift Card Scam that Could Steal Your Money, Shawn Tuma Discusses Tips to Protect Yourself"

DFW Area Friends – Join Me to Talk Real World Cyber Incident Response and Preparation at Tech Titans’ Cybersecurity Forum

Your organization has been breached, now what? That's the title of our discussion at Tech Titans' Cybersecurity Forum this Thursday, December 14, 2023, from 3:30 - 6:00 PM in Richardson, Texas. This event is available for both members of Tech Titans and non-menbers and you can register at this link: https://business.techtitans.org/events/details/cybersecurity-forum-december-14-2023-4826?calendarMonth=2023-12-01 I will be moderating …

Continue reading "DFW Area Friends – Join Me to Talk Real World Cyber Incident Response and Preparation at Tech Titans’ Cybersecurity Forum"