Category: State Level

Alaska DHSS Fined $1.7M Over Data Breach


The Alaska Department of Health and Social Services (DHSS) – the state’s Medicaid agency – has agreed to pay $1.7 million to the U.S. Department of Health and Human Services (HHS) to settle possible violations of the HIPAA Security Rule, making it the second largest settlement for HIPAA violations to date. As part of the settlement, the state has also agreed to take corrective action to properly safeguard the electronic personal health information (PHI) of their Medicaid beneficiaries. Click for…

Click for complete article >>

Final Phase Of Massachusetts Data Protection Law To Kick In On March 1

Greetings From Massachusetts

All companies storing personal data on Massachusetts residents have just over a month to ensure that their contractors, suppliers, technology providers and other third parties comply with a provision of a state data breach law that went into effect in March 2010. The law is designed to ensure that companies holding data on Massachusetts residents have certain security controls in place . Over the past two years, most of the provisions of the bill have already gone into effect. The last…

Click for complete article >>

Data Breach Bill Stalled

Posted November 3, 2011 by TeamSHATTER Admin in Breach Notification Laws, Compliance, Data Breach, Database Security, State Level with 0 comments
cyber security USA and Russia

Months of staff work and multiple headline-making data breaches later, the Senate Commerce Committee is still at the drawing board on data security legislation. Committee Chairman Jay Rockefeller (D-W.Va.) and Sen. Mark Pryor (D-Ark.) have been unable to forge consensus on a bill much discussed in tech circles that would force companies to bolster their data security practices and notify consumers whose information has been stolen. The panel has posted some progress. A reworked version of the bill, released last…

Click for complete article >>

Mitsubishi Hack May Have Yielded Defense, Nuke Secrets

Posted October 26, 2011 by TeamSHATTER Admin in Breach Costs, Data Breach, Database Security, Government (Federal), State Level with 0 comments
Mitsubishi heavy industries hack

A report claims the recent hack of Japanese Defense Contractor Mitsubishi Heavy Industries may have led to the theft of sensitive data related to weapons systems and nuclear reactors. The report, on the Website of The Asahi Shimbun, cites unnamed sources as saying that malware planted on servers belonging to MHI exporting “sensitive information concerning vital defense equipment, such as fighter jets, as well as nuclear power plant design and safety plans.” The revelations come after an internal investigation by…

Click for complete article >>

Former California SEIU Hospital Employee Sentenced For $1M+ Identity Theft

Posted September 28, 2011 by TeamSHATTER Admin in Compliance, Data Breach, Database Security, Health Care, HIPAA, State Level, User Rights with 0 comments
ID Thief Sentenced To Jail

Mia Camille Garza describes herself as “somebody who has fallen off the path.” Her victims understandably aren’t as charitable. Last Thursday, September 22, Garza, a former benefits clerk for the California-based, Service Employees International Union-affiliated United Healthcare Workers West (SEIU-UHW) was sentenced in Sacramento Superior Court to 12 years and four months in prison for stealing information on nearly 30,000 Kaiser Permanente union employees throughout the state. The stolen information facilitated thefts, often of high-end merchandise, estimated thus far at…

Click for complete article >>

1 In 3 Massachusetts Residents Experienced Data Breach In 2011

Massachusetts Data Breach

Personal information from nearly one out of three Massachusetts residents, from names and addresses to medical histories, has been compromised through data theft or loss since the beginning of 2010, according to statistics released yesterday by the office of Attorney General Martha Coakley. A state law enacted in 2007 requires all companies doing business in Massachusetts to inform consumers and state regulators about security breaches that might result in identity theft. That could include leaks of individual names along with…

Click for complete article >>

California Updates Data Breach Law to Require More Incident Details

Posted September 2, 2011 by TeamSHATTER Admin in Breach Notification Laws, Compliance, Data Breach, Database Security, State Level with 0 comments
national data breach law

California has updated its data breach notification law to further define what organizations have to do in case customer data is stolen. The bill, SB-24, updates California’s current data breach notification law by requiring organizations to include in the breach notification letters the specifics of the security incident and advice on steps customers should take. The bill also includes provisions mandating that if the security breach affected 500 or more people, the organization must submit a copy of the letter…

Click for complete article >>

U.S. Government To Recruit Hackers At DEFCON

defcon recruit hacker

The National Security Agency has a challenge for hackers who think they’re hot stuff: prove it by working on the “hardest problems on Earth.” Computer hacker skills are in great demand in the U.S. government to fight the cyber wars that pose a growing national security threat — and they are in short supply. For that very reason an alphabet soup of federal agencies — DOD, DHS, NASA, NSA — are descending on Las Vegas this week for Defcon, an…

Click for complete article >>

Pentagon Gets Cyberwar Guidelines

Posted June 22, 2011 by TeamSHATTER Admin in Government (Federal), Government (State), State Level with 0 comments
cyberwar laws

President Obama has signed executive orders that lay out how far military commanders around the globe can go in using cyberattacks and other computer-based operations against enemies and as part of routine espionage in other countries. The orders detail when the military must seek presidential approval for a specific cyber assault on an enemy and weave cyber capabilities into U.S. war fighting strategy, defense officials and cyber security experts told The Associated Press. Signed more than a month ago, the…

Click for complete article >>

New Nationwide Breach Law Could Force Data-Centric Security Push

national data breach law

The surge in high-impact data breaches in the first half of 2011 — and its resulting attention from consumers — is increasing the pressure on federal lawmakers and regulators to introduce nationwide data breach disclosure and protection laws. Though no one is sure what its final language might say, a federal law requiring companies to disclose their breaches has a better chance of passing this year than ever before. Experts believe that enterprises will need to bolster data-centric protection policies…

Click for complete article >>
Powered by