SHIELD Act Becomes Law, Expanding Breach Notification and Data Security Requirements

On July 25, 2019, New York Governor Andrew Cuomo signed the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) into law. The SHIELD Act modifies the current Breach Notification Law to expand the types of data elements that are considered “private information” and to expand the data breach disclosure requirements for individuals and businesses. Moreover, the law creates a requirement that owners or licensors of private information meet a new “reasonable security requirement.”…

Health Care Organizations Have Highest Costs for Data Breaches

By Guest Contributor on July 25, 2019 Posted in Privacy and Security

As readers of this blog know, data breaches in the health care industry are all too common. Health care organizations are an attractive target for hackers because of the nature and amount of personal information that they possess.

Therefore, it is perhaps not surprising that healthcare organizations have the highest costs associated with data breaches. They also have significantly higher costs as compared to other industries.

According to the 2019 Cost of a Data Breach Report recently released by the Ponemon Institute and IBM Security, which was based on in-depth …

W2 Phishing Scam Hits Citizens Memorial Hospital

By Linn Foster Freedman on February 28, 2017 Posted in Hospitals and Health Systems, Privacy and Security

We continue to see all industries hit with W2 phishing scams, including the health care industry.

Citizens Memorial Hospital, located in Bolivar, Missouri, was hit with the scam when one of its employees believed that an email received from another employee was legitimate, and sent the W2s of its employees from 2016 to a hacker. Usually, the W2s are used by the hackers to then file false tax returns seeking a quick tax refund before the taxpayer files his or her return.

Employees continue to fall victim to the scheme …