You are here
Home > News > Cyberlaw

OCR reminds business associates of direct liability for noncompliance with HIPAA Rules

Supply chain risk hasn't been out of the news recently. In the US, the regulator is reminding business associates of healthcare companies that they are also subjects of regulatory oversight...: The HHS Office for Civil Rights (“OCR”) recently issued a new fact sheet (“Fact Sheet”) addressing direct liability of business associates for violations of the HIPAA Privacy, Security and Breach Notification Rules (“HIPAA Rules”). The Fact Sheet serves as a reminder to business assoc

Oregon Amends Data Breach Notification Law to Apply to Vendors

Following the anniversary of GDPR coming into force we're seeing a wide range of breach notification timeframes from 24 hours (e.g. California), through 72 hours (GDPR), 10 days (Oregon) up to 30 days. Given that multinationals may have to notify in multiple jurisdictions it's best to plan and test for 24 hours...: [...] On May 24, 2019, Oregon Governor Kate Brown signed into law Senate Bill 684, which requires vendors, service providers and other entities that maintain or p

China marches into cybersecurity classified protection 2.0 – May 2019

Operating in China or sharing data with Chinese firms?...: The cybersecurity classified protection regime attracted significant attention when it was included in the Peoples Republic of China (PRC) Cyber Security Law promulgated in 2017 (the CSL). The CSL mandates that network operators follow certain security requirements based on the levels of risk associated with their networks.

Government must do more to protect UK from cyber attacks, MPs warn

This is a "something must be done" report. Let's see if there is any action coming out of the committee's report...: The government has not done enough to protect the UK from the growing risk of cyber attacks, MPs have warned. The influential Public Accounts Committee (PAC) today published a report criticising the government for not making sufficient progress in its cybersecurity strategy. The PAC said the UK’s plan for fending off cyber attacks had been hampered by the

G20 Side Event – International Seminar on Personal Data

Information Commissioner Elizabeth Denham's speech at the G20 Side Event - International Seminar on Personal Data in Tokyo on 3 June 2019. Note the focus on adequacy and interoperability...: A special thank you to our hosts the Personal Information Protection Commission. I understand there are several ways to say thank you in Japanese, and given the hospitality I’ve enjoyed since I’ve been here I can understand why. So Doumo Arigatou. I’m speaking to you today as a Canadi

Blog: Counting the cost of accessing environmental information

The ICO does its bit for the Green movement...: At the beginning of May, Parliament declared a ‘climate change emergency’ and concerns about the environment make news headlines almost every day. So it’s more important than ever that people are able to get the information they need to take part in informed debates. A recent decision taken by the Information Commissioner’s Office (ICO) will now make it easier for people to do so. Alongside the Freedom of Information Act