Compliance

“Private Cybersecurity Lawsuits”

Question: What liability do we have to individuals in a private lawsuit if there is a data breach?

A company can be privately liable to an individual or individuals in a number of ways deriving ultimately from “common law” court made laws, or “statutes” enacted by Federal or State legislatures.

Federal Class Actions for Data Breach – Who Can Sue?

Suing due to a data breach related incident might not be as simple as you'd think. 

There are fine terms you must meet in order to be able to sue and for your case to be approved in court. 

Our VP of Compliance lays out everything you need to know on this subject. 

FISMA is the Federal Information Security Management Act. It is a high-level law that mandates a level of cybersecurity for all federal agencies and federal contractors. It was enacted by Congress in 2002 and updated in 2014.

While FISMA delegates cybersecurity responsibility to the various federal departments and agencies, it also centralizes a significant amount of cybersecurity functions (including mandates) to the Department of Homeland Security (DHS) and leaves the nitty-gritty standards and guidelines to the National Institute of Standards and Technology (NIST) to hammer out. 

In this cyber environment, it is important to have a robust Information Security Management System (ISMS), but how do you know if you have a strong ISMS? 

Well it's as simple as filling out a questionnaire!

Overview of the Federal Trade Commission in regards to cybersecurity:

• Does the US have federal cybersecurity laws that apply generally?
• What does the FTC require in a nutshell?
• How can I make sure my company is in compliance?

“HiTRUST: Burdensome, But Worth It if You Have the Resources”

For the past few months the challenges facing the country’s medical infrastructure has been all over the news. Mostly these issues have focused on medical supplies and capacity, but as with any organization the IT needs of these medical facilities are also of the utmost criticality.