Citing a rise in data breaches among New York law firms coupled with the recent enactment of the SHIELD Act that “creates, for the first time, substantive security requirements for persons or businesses that hold the ‘private information’ of New York residents”, the Committee on Technology and the Legal Profession recommended the adoption of a

On June 6, 2020, New York Governor Andrew Cuomo issued Executive Order No. 202.38, permitting commercial building owners, retail store owners, and those authorized on their behalf to manage public places within their buildings and businesses to require individuals to undergo temperature checks as a condition to entry. To prevent people that may have

On May 7, 2020, the New York Attorney General announced she will not sue Zoom after it agreed to adopt enhanced data security and privacy measures to protect the data of its 300 million plus users. As COVID-19 social distancing policies radically change the way individuals and industries communicate, Zoom saw a reported 3,000 percent

The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) issued an advisory to hospitals and other healthcare organizations that cybercriminals are targeting them with phishing campaigns, ransomware, and other malicious acts referencing COVID-19.  Cybercriminals are exploiting the fact that the healthcare sector is consumed with COVID-19 management and response to ramp up attacks, including ransomware

Citing a “significant increase in cybercrime” during the COVID-19 pandemic, the New York Department of Financial Services (DFS) issued guidance to all New York State regulated entities identifying areas of heightened cybersecurity risks. DFS advised regulated entities they should assess and address these areas as per cybersecurity regulation 23 NYCRR Part 500.

Heightened Risk #1:

Healthcare data company CENTOGENE announced it has joined forces with blockchain startup Ubirch to create a solution to secure results of COVID-19 mass testing that takes into consideration General Data Protection Regulation (GDPR) compliance.

Based on the premise that absent a vaccine widespread testing is inevitable to permit the return of social interaction, the solution

The New York Attorney General issued a warning to health care providers, hospitals, and other organizations within the health supply chain that cyber criminals are using targeted COVID-19 phishing emails and texts to gain access to sensitive information.  Multiple reports indicate that scammers are sending emails and texts to get a recipient to click on

COVID-19 has caused more employees to work remotely or at home, presenting cybersecurity challenges to organizations in the payments industry.  PCI Security Standards Council has issued best practices to secure and protect telephone based payment card data while working remotely. These best practices include:

  • Train staff.  Ensure any systems that remote workers use to process