Last week, the Tex-Mex restaurant chain On the Border suffered a data breach that impacted its payment acceptance systems in 27 states. The restaurant says that some credit card information of customers who visited the chain between April and August 2019 may have been compromised. In a press release, On the Border representatives said, “Our

Following in the footsteps of the New York Department of Financial Regulation (NYDFS) in enacting cybersecurity requirements for the financial services industry, and in response to massive data breaches in the insurance industry, a wave of states have either enacted or are pursuing legislation aimed at regulating the cybersecurity measures of insurance companies.

In 2017,

In the decades that followed the enactment of the Homestead Act of 1862, more than 1.6 million U.S. citizens and intended citizens filed applications with the U.S. government to lay claim to 160 acres of land guaranteed to each applicant willing to settle, farm and improve the lands.

Settlers quickly encountered a major problem. The

This week, the Federal Trade Commission (FTC) and ten states settled charges against the Florida-based cruise line, Caribbean Cruise Line, Inc. (CCL), for an illegal telemarking campaign that inundated consumers with billions of unwanted robocalls. In settling these charges, CCL’s owner, Fred Accuardi, and all of his companies are barred from robocalling and illegal telemarketing.

Mississippi Attorney General Jim Hood filed a Complaint against Google last week for alleged violations of the state’s Consumer Protection Act for its collection and use of students’ personal information and search history. The suit alleges that Google is using public school students’ information through G Suite for Education accounts to “advance its business interests

This year has been a busy year for education law in the area of data privacy. Educational institutions continue to be a rich target for hackers. Additionally, there were some important developments in the interpretation of Family Educational Rights and Privacy Act (FERPA) and the Telephone Consumer Protection Act (TCPA) as it applies to educational institutions.

  • In December, DeVry University Settled with the FTC for $100 million over allegations that it misled prospective students with ads that promised higher employment success and income upon graduation.
  • Also in December, UMass Amherst settled with the Office for Civil Rights (OCR) for $650,000 for HIPAA violations related to a malware infection that led to the release of names, addresses, Social Security numbers, dates of birth, health insurance information, diagnoses, and procedure codes.
  • In November, a hacker gained access to 1,213 records of applicants to the University of Wisconsin Law School.
  • On September 14, 2016, the Department of Education (DOE) issued a “Dear Colleague Letter” providing guidance on the application of FERPA to the disclosure of student medical records in the context of litigation.


Continue Reading Top Ten Education Developments, Breaches, and Settlements of 2016

Two disaster drones delivered telemedical packages to disaster victims and rescue personnel via the John Bell Airport in Bolton, Mississippi in a simulated mass casualty event last week. This marks the first time this type of technology hit the skies. These drones are part of the Telemedical Drone Project (also known as HiRO or Health Integrated Rescue Operations) which was created by a senior associate dean, Italo Subbarao, and a medical student, Guy Paul Cooper, Jr., at William Carey University College of Osteopathic Medicine.
Continue Reading Medical Disaster Drones and the Telemedical Drone Project

We continue to warn health care organizations about the real and serious risks associated with ransomware and malware, but organizations don’t prepare for it adequately and are getting hit hard.

Just this past week, several healthcare organizations have publicly announced that they have been victims of ransomware and malware. The organizations include a dermatology practice