Health care organizations continue to be a popular target for hackers. According to information from the U.S. Department of Health & Human Services (HHS), more than 30 reports of data breaches were filed by health care entities in the first month and a half of 2020. Although a few reported breaches involved theft or improper … Continue Reading
California has a privacy law that took effect on January 1, 2020, and it’s not the California Consumer Privacy Act (CCPA). This new privacy law regulates Internet of Things (IoT)-connected devices. SB 327 was enacted in 2018 and became effective on January 1, 2020. The California IoT law requires manufacturers of connected devices to equip … Continue Reading
U.S. Senator Ron Wyden, D-Oregon, recently introduced comprehensive privacy legislation, known as the “Mind Your Own Business Act” (MYOB Act), to provide protections for the private data of Americans and to hold corporate executives accountable if they abuse such information. While this isn’t the first such legislation introduced in Congress and is unlikely to be the … Continue Reading
Oregon became the latest state to require manufacturers of internet “connected devices” that make, sell or offer to sell the devices in the state to equip the device with “reasonable security features” according to Oregon House Bill 2395 amending ORS 646.607. According to the law, “[R]easonable security features” means methods to protect a connected device … Continue Reading
The Oregon Department of Human Services (DHS) announced late last week that nine of its staff members had fallen victim to a phishing campaign and that their email boxes were compromised on January 8, 2019. The intrusion was discovered on January 28, 2019. When the intrusion was discovered, the staff members’ changed their passwords to … Continue Reading
Oregon Governor Kate Brown recently signed a new data breach reporting law (S. 1551) that toughens the state’s existing requirements. The new law requires companies to notify individuals within 45 days after a data breach has been discovered, unless a delay in notification is requested by law enforcement. It expands the definition of personal information … Continue Reading
As more and more state laws allow the use of marijuana for medical conditions, and dispensaries are opening to provide users with access to marijuana for medical purposes (and recreational use), patients are questioning and becoming concerned about the protection of their privacy when purchasing marijuana in dispensaries. The concern is that federal law still … Continue Reading
Next week, on August 21, a total solar eclipse (or the alignment of the sun, moon and earth), visible from the continental U.S., will take place for the first time in 38 years. The last time this cosmic event occurred, there were no battery-powered supercomputers—smartphones—in your hand to fly a self-stabilizing, GPS-guided aircraft with a … Continue Reading
Although numerous states have studied and introduced legislation adopting the Uniform Fiduciary Access to Digital Accounts Act, only three have adopted it thus far. The first was Delaware, which adopted the model digital assets law on August 12, 2015, effective January 1, 2015. Oregon became the second state to adopt the uniform law, when the Governor signed … Continue Reading
