Compliance

“Private Cybersecurity Lawsuits”

Question: What liability do we have to individuals in a private lawsuit if there is a data breach?

A company can be privately liable to an individual or individuals in a number of ways deriving ultimately from “common law” court made laws, or “statutes” enacted by Federal or State legislatures.

Federal Class Actions for Data Breach – Who Can Sue?

Suing due to a data breach related incident might not be as simple as you'd think. 

There are fine terms you must meet in order to be able to sue and for your case to be approved in court. 

Our VP of Compliance lays out everything you need to know on this subject. 

FISMA is the Federal Information Security Management Act. It is a high-level law that mandates a level of cybersecurity for all federal agencies and federal contractors. It was enacted by Congress in 2002 and updated in 2014.

While FISMA delegates cybersecurity responsibility to the various federal departments and agencies, it also centralizes a significant amount of cybersecurity functions (including mandates) to the Department of Homeland Security (DHS) and leaves the nitty-gritty standards and guidelines to the National Institute of Standards and Technology (NIST) to hammer out. 

In this cyber environment, it is important to have a robust Information Security Management System (ISMS), but how do you know if you have a strong ISMS? 

Well it's as simple as filling out a questionnaire!

Digital Edge shall disclose any breach of security of the system following discovery or notification of the breach to any NYS resident whose private information is reasonably believed to have been accessed or acquired by an unauthorized individual. The disclosure is to be made in the fastest time possible. For data that Digital Edge maintains but does not own, Digital Edge shall disclose the breach to the data owner.

DIGITAL EDGE IS NOT CURRENTLY SUBJECT TO THE CCPA. HOWEVER, IN THE EVENT DIGITAL EDGE SHALL BECOME SUBJECT TO THE LAW, DIGITAL EDGE SHALL FOLLOW THE BELOW POLICY TO ENSURE COMPLIANCE WTH THE CCPA.

Overview of the Federal Trade Commission in regards to cybersecurity:

• Does the US have federal cybersecurity laws that apply generally?
• What does the FTC require in a nutshell?
• How can I make sure my company is in compliance?

“HiTRUST: Burdensome, But Worth It if You Have the Resources”

For the past few months the challenges facing the country’s medical infrastructure has been all over the news. Mostly these issues have focused on medical supplies and capacity, but as with any organization the IT needs of these medical facilities are also of the utmost criticality.

Free Cybersecurity Strategies for the Homebound

Well, April is almost over, and most of us are still teleworking from home. Last month I discussed some basic requirements for working remotely, and given that the coronavirus pandemic is still very much affecting our working lives, I’ve decided that this month it would be good to build on some of the concepts introduced last month.