Online and On Point

A Resource for Privacy Developments and Cybersecurity Risks in an Era of Evolving Technology

A significant shift in cybersecurity compliance is on the horizon, and businesses need to prepare. Starting in 2024, organizations will face new requirements to report cybersecurity incidents and ransomware payments to the federal government. This change stems from the U.S. Department of Homeland Security’s (DHS) Cybersecurity Infrastructure and Security Agency (CISA) issuing a Notice of

In the middle of the 20th century, there was a massive expansion of the retail credit market. Everything from boats to sewing machines to kitchen appliances were bought and sold through increasingly complex credit arrangements. These credit arrangements would extinguish a consumer’s rights to dispute any terms of the contract once a loan was assigned,

The healthcare sector is increasingly facing cyber-threats with ransomware and hacking at the forefront. In the last five years, there has been a staggering 256% rise in significant hacking-related breaches and a 264% surge in ransomware incidents reported to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR). Hacking alone

The frequency of class actions related to data breaches has significantly increased, with no indication that this upward trajectory will plateau. This raises the question: Are there more efficient alternatives to settling these disputes in the public eye of the courts? Moreover, is it possible to mitigate the financial burden associated with these legal battles?

A recently introduced bill in the Florida Legislature would provide businesses operating in Florida, including health care providers, with a legal defense to data breach lawsuits if they maintain robust cybersecurity measures that meet government- and industry-recognized standards. Specifically, Florida House Bill No. 473 (H.B. 473), known as the Cybersecurity Incident Liability Act, was

Ransomware attacks that shut business down to zero and data breaches that disclose the personal information of customers, vendors and employees justifiably strike fear in the hearts of executives everywhere. Organizations can suffer the reputational and financial consequences of these events for years to come. Due diligence in the current regulatory environment requires a plan

The Florida Telephone Solicitation Act (FTSA), effective July 1, 2021, has undergone significant amendments as of May 25, 2023, reshaping the legal landscape for businesses in Florida. Initially, the FTSA created a private right of action for unwanted calls and texts, leading to over 500 complaints within a year. To clarify the FTSA’s ambiguities, Florida

On December 13, 2023, the Federal Communications Commission (FCC) ushered in a new era by enacting transformative rules, marked by a 4-1 vote, aimed at addressing what it viewed as the lead generation loophole.  The FCC’s Second Report and Order, released on November 22, 2023, was poised to signify a monumental shift in lead generation

The Department of Health & Human Services (HHS) released a concept paper outlining its strategy for improving cybersecurity infrastructure within the healthcare sector. The paper calls for proposing healthcare-specific cybersecurity performance goals that will include both minimum foundational practices and advanced goals for cybersecurity performance. By centralizing these performance goals into the Healthcare and Public

A previous installment discussed the centrality of network topology to an organization’s data security and outlined the legal framework and obligations incumbent upon many organizations in the U.S. The first installment can be found here. The second and final part of this series will discuss strategies for optimizing network topology and data security, focusing