NIST releases latest version of its Cybersecurity Framework

By on April 19, 2018 Posted in Compliance and risk management

Data Protection Report - Norton Rose Fulbright

On April 16, 2018, the National Institute of Standards and Technology (NIST) unveiled Version 1.1 of its widely known Cybersecurity Framework, which incorporates changes based on feedback collected through comments, questions, and workshops held in 2016 and 2017.… Continue reading

FTC Enforcement Possible for Failing to Guard Against Ransomware

By on October 6, 2016 Posted in Compliance and risk management, Cybercrime, Regulatory response

Recent comments by FTC Chairwoman Edith Ramirez suggest that a company’s failure to take preventative measures to address ransomware could result in an enforcement action by the FTC, even if a company is never actually subject to a ransomware attack. The Chairwoman’s comments reflect a growing concern among US government agencies regarding ransomware and may … Continue reading

OCR issues guidance on HIPAA Security Rule compliance and mobile health apps

By on March 6, 2016 Posted in Compliance and risk management, Regulatory response

Data Protection Report - digital privacy, CCPA and cybersecurity

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently published two guidance documents to aid organizations in complying with HIPAA.… Continue reading