These days, news stations are frequently running stories concerning people being treated for COVID-19, the providers working tirelessly to care for them, and politicians visiting health care facilities for a first-hand look at the crisis. In response to the media interest, the Office for Civil Rights (OCR) issued guidance on May 5, 2020 to healthcare … Continue Reading
I think that people in general are decent and good. There are always some bad apples, but during crises most people want to help others. During the coronavirus pandemic, many people are doing everything they can to help others, including assisting neighbors, family members, friends and health care workers. Charitable organizations have stepped up to … Continue Reading
Following the devastating impact of the coronavirus on small businesses, many small businesses applied for a disaster loan through the Small Business Administration (SBA) for relief. Small businesses that qualify for the disaster loan program, which is different than the Paycheck Protection Program offered by the SBA, can apply for the loan by uploading the … Continue Reading
The New York Department of Financial Services (DFS) recently issued guidance to its regulated entities regarding heightened cybersecurity awareness as a result of the COVID-19 pandemic. DFS described three primary areas of heightened risk during this time: remote working, increased instances of phishing and fraud, and third-party risks. With respect to remote working, DFS noted … Continue Reading
Google has warned users in a blog article that nation state-backed hackers are using the COVID-19 crisis to ramp up phishing attempts and, in one example, are posing as American fast food franchises and sending malicious emails with fake offers and coupons to government officials and health care workers. Google has identified over 12 government-backed … Continue Reading
Interpol has issued an alert to global law enforcement agencies about the increased risk of ransomware attacks on hospitals, health care providers and other organizations on the front line of response to the COVID-19 pandemic. The Purple Notice, issued to all 194 member countries, notified them that Interpol’s Cybercrime Threat Response team has detected a … Continue Reading
In the past week, the United States government started issuing Economic Impact Payments (EIP) of up to $1,200 per qualified individual and $500 per child. The amount of the EIP received depends on one’s adjusted gross income from the 2019 (or 2018) federal tax filing. If a taxpayer who is qualified to receive the check … Continue Reading
Although email seems to be the preferred method of communication during the coronavirus pandemic, an error made by a City of Los Angeles employee is one to learn from and avoid repeat. Unfortunately, when emailing COVID-19 results to multiple individuals, instead of blind copying the recipients with the results, a staff member from the City … Continue Reading
On April 1, 2020, Microsoft issued a specific warning to health care entities alerting them that they are at particular risk during the COVID-19 crisis, as threat actors are using the pandemic to take advantage of vulnerabilities while hospitals are focused on responding to the crisis. According to Microsoft “[D]uring this time of crisis, as … Continue Reading
On March 24, 2020, the U.S. Department of Health & Human Services (HHS) Office for Civil Rights (OCR) issued new HIPAA guidance to help providers and first responders in its efforts to combat the COVID-19 pandemic. OCR’s guidance addresses when HIPAA allows disclosures without patient authorization of identifying health information to first responders – such … Continue Reading
The scammers know that most of us are working from home and are trying to use this to their advantage. The robocalls have increased, and telemarketers are calling more frequently, but with a new twist—preying on fears of consumers about coronavirus. I am on the Do-Not-Call list, yet I am still getting many unwanted robocalls. … Continue Reading
For those of us who work outside of the home during normal times, we know when we are home on the weekends not to answer our home telephone unless we recognize the number or caller. The same is, of course, true for our mobile phones. If the caller is someone we know, they will leave … Continue Reading
Recently businesses and advertising trade groups wrote a letter to the California Attorney General Xavier Becerra to request delayed enforcement of the California Consumer Privacy Act (CCPA) as a result of the COVID-19 global pandemic. The letter cited the current health crisis as a result of COVID-19 and a state of national emergency as the … Continue Reading
Despite the fact that the hackers behind Maze ransomware previously promised not to hit medical organizations during the coronavirus pandemic, it recently attacked a British medical lab that is slated to test COVID-19 vaccines during the pandemic. The Maze hackers previously said publicly that it would “stop all activity versus all kinds of medical organizations … Continue Reading
On March 20, the U.S. Department of Health and Human Services (HHS) issued additional guidance in the form of Frequently Asked Questions (FAQs) on HIPAA and telehealth services to help providers furnish care during the COVID-19 pandemic. The FAQs follow and provide further information on the Notification of Enforcement Discretion issued by HHS on March 17 (Notification), … Continue Reading
Evil doers know that the best time to attack is during a crisis or a time of vulnerability. As the United States, and specifically, the Department of Health and Human Services (HHS) attempts to respond to and get ahead of the COVID-19 pandemic in the U.S., hackers, likely from a foreign enemy nation state, ramped … Continue Reading
In response to the coronavirus crisis, many companies have mandated that employees work from home in order to assist in slowing the spread of the virus. With more employees working from home, and a wider network to protect, security experts are warning companies to be vigilant with security measures. In addition, it is widely reported … Continue Reading
Acknowledging the “additional challenges” on health care providers following the outbreak of COVID-19, the Department of Health and Human Services (HHS) recently issued several waivers for covered entities to address the need to share patient information after the President declared a national emergency concerning COVID-19. One of the waivers issued by HHS is to “waive … Continue Reading
The COVID-19 virus is having an unprecedented effect on all aspects of our daily lives, and has hit the educational system especially hard with forced closures and cancellations. Because educational institutions play such a vital role in our communities, the Department of Education (DOE) recently issued guidance in the form of Frequently Asked Questions (Guidance) … Continue Reading
The conference I was supposed to speak at next week was just cancelled, as many are and will be, due to coronavirus concerns. The topic was “Insider Threats and How to Mitigate Them.” One of the points I was going to make was that insider threats, both malicious and unintentional, are an ongoing and serious … Continue Reading
Our firm is a proud member of the International Association of Privacy Professionals (IAPP), as are those of many of my colleagues in the industry. I attend the IAPP Global Privacy Summit every year, and have done so since (I think) 2004. Yikes. Back in the early days, hundreds of individuals attended the conference in … Continue Reading
The Office of Civil Rights (OCR) last month provided guidance and a reminder to HIPAA covered entities and their business associates regarding the sharing of patient health information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule during an outbreak or emergency situation such as what we are all facing right now … Continue Reading
The coronavirus—or COVID-19—has health care experts scrambling, and has caused global concern for health and well-being due to its rapid spread throughout many countries, including the United States. A scare like this is the perfect opportunity for scammers and fraudsters to prey on well-intentioned people. Unfortunately, during this global health care concern, criminals are using … Continue Reading
