Why did Lifespan Health face such a stiff HIPAA penalty for a stolen laptop? (publication)

Many thanks to HealthcareITNews for publishing my recent article Why did Lifespan Health face such a stiff HIPAA penalty for a stolen laptop? HHS is trying to get companies to comply with the law and, more broadly, their obligation to protect the sensitive information that people have entrusted to them. We have handled numerous cases … Continue reading Why did Lifespan Health face such a stiff HIPAA penalty for a stolen laptop? (publication)

What Can Happen if You Do Not Notify Following a Data Breach?

Here is one of the questions we get asked most often: “Ok, so we’ve had a real data breach and you say we have clear notification obligations, what can happen if we just ignore it and pretend it never happened — that is, we just don’t notify?” Unfortunately, this question is oftentimes coupled with this … Continue reading What Can Happen if You Do Not Notify Following a Data Breach?

With ransomware attacks increasing, cyber insurance now seen as a necessity, not a luxury (publication)

Many thanks to Security Magazine for publishing my recent article With ransomware attacks increasing, cyber insurance now seen as a necessity, not a luxury In reality, there is no “secure” — even when the best security measures are taken. When hackers want to get in and disrupt a business, they will. Companies must be resilient, … Continue reading With ransomware attacks increasing, cyber insurance now seen as a necessity, not a luxury (publication)

Think Your Company is Too Pretty To Be Hit With A Ransomware Attack? Think Again.

Ask beauty-brand Avon, which was hit with a ransomware attack on June 8 that shut down some of its operations for over a week: A source tracking the incident has told ZDNet today that the Avon incident is a ransomware attack carried out by the DopplePaymer gang. Avon recovering after mysterious cyber-security incident

Think your company’s IT is too sophisticated to be hit with a ransomware attack? Think again.

A lot of business executives -- and far too many IT professionals -- think that their company's IT systems are too sophisticated and well-maintained for their company to have a successful ransomware attack against it. They think their company is doing it all right and this is only the kind of stuff that happens to … Continue reading Think your company’s IT is too sophisticated to be hit with a ransomware attack? Think again.