Tag Archives: NIST

Could Careless Coders Face False Claims Liability?

New Software Development Security Attestation and Related False Claims Act Liability for Commercial and Noncommercial Software Developers and Suppliers. Key takeaway: Software producers at all levels in the federal supply chain should prepare to attest that their software development practices comply with National Institute of Standards and Technology (NIST) standards supported by artifacts that demonstrate … Continue Reading

‘Unboxing’ the New NIST Guidance: NIST Publishes Significant Update to Healthcare Cybersecurity Guide

Without question, healthcare providers and the companies that support them operate in an elevated cybersecurity risk environment. And when a cybersecurity incident occurs, the ensuing regulatory inquiries and/or litigation often focus on whether the entity followed recognized security practices. The National Institute of Standards and Technology (NIST) Cybersecurity Framework has long been one of the … Continue Reading

Happy First Birthday to the NIST Privacy Framework!

BakerHostetler partner Jeewon Serrato has contributed a CCPA Crosswalk for the NIST Privacy Framework and is featured in an animated video by NIST that shows how the NIST Privacy Framework can be used by organizations to build trust with their customers, communicate better about privacy, and help meet their compliance obligations. Jeewon is also featured in NIST’s … Continue Reading

The Weekly Privacy Rewind

Biometric Information Privacy Act: AGCO Corp., Ceridian HCM Inc. and Hegewisch Development Corp. Latest Employers to Face Allegations of BIPA Violations • Lawsuits against employers for alleged violations of Illinois’ Biometric Information Privacy Act (BIPA) show no signs of slowing, with three more employers, AGCO Corp., Ceridian HCM Inc. and Hegewisch Development Corp., all facing … Continue Reading

Webinar Recording – Implementation of the Cybersecurity Executive Order

In issuing the Cybersecurity Executive Order last February, President Obama declared that the “cyber threat is one of the most serious economic and national security challenges we face as a nation” and that “America’s economic prosperity in the 21st century will depend on cybersecurity.” Now, important benchmarks in implementing this Executive Order have been reached. … Continue Reading

Health Plan Settles HHS OCR Investigation Related to Photocopier Breach for $1.2m

The Department of Health and Human Services Office for Civil Rights (HHS OCR) today announced its 4th resolution agreement of 2013. Affinity Health Plan, Inc., a not-for-profit managed care plan serving the New York metropolitan area, has agreed to settle potential violations of the HIPAA Privacy and Security Rules for $1,215,780. The resolution agreement relates … Continue Reading

Catching Up on Cloud Computing

If you are considering cloud computing and need to address related data privacy concerns, the articles discussed below provide an explanation of how cloud computing actually works to help you with your analysis. The National Institute of Standards and Technology (NIST) recently revised its definition of cloud computing: “Cloud computing is a model for enabling … Continue Reading