The healthcare sector is increasingly facing cyber-threats with ransomware and hacking at the forefront. In the last five years, there has been a staggering 256% rise in significant hacking-related breaches and a 264% surge in ransomware incidents reported to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR). Hacking alone
Online & On Point
Blog Authors
Latest from Online & On Point
Ninth Circuit Upholds Arbitration in Data Breach Case: A Reminder for Businesses on the Importance of Terms and Conditions
The frequency of class actions related to data breaches has significantly increased, with no indication that this upward trajectory will plateau. This raises the question: Are there more efficient alternatives to settling these disputes in the public eye of the courts? Moreover, is it possible to mitigate the financial burden associated with these legal battles?…
Florida Bill Proposes Safe Harbor Against Breach Suits to Businesses Maintaining Recognized Cybersecurity Programs
A recently introduced bill in the Florida Legislature would provide businesses operating in Florida, including health care providers, with a legal defense to data breach lawsuits if they maintain robust cybersecurity measures that meet government- and industry-recognized standards. Specifically, Florida House Bill No. 473 (H.B. 473), known as the Cybersecurity Incident Liability Act, was…
Business Email Compromise: The Most Prevalent – and Preventable – Cyber Risk
Ransomware attacks that shut business down to zero and data breaches that disclose the personal information of customers, vendors and employees justifiably strike fear in the hearts of executives everywhere. Organizations can suffer the reputational and financial consequences of these events for years to come. Due diligence in the current regulatory environment requires a plan…
Upholding the FTSA Amendment: Recent Legal Triumphs and Implications for the Future of Florida’s Mini-TCPA
The Florida Telephone Solicitation Act (FTSA), effective July 1, 2021, has undergone significant amendments as of May 25, 2023, reshaping the legal landscape for businesses in Florida. Initially, the FTSA created a private right of action for unwanted calls and texts, leading to over 500 complaints within a year. To clarify the FTSA’s ambiguities, Florida…
Navigating the New Frontier of Lead Generation
On December 13, 2023, the Federal Communications Commission (FCC) ushered in a new era by enacting transformative rules, marked by a 4-1 vote, aimed at addressing what it viewed as the lead generation loophole. The FCC’s Second Report and Order, released on November 22, 2023, was poised to signify a monumental shift in lead generation…
HHS Develops Strategy to Improve Security in the Healthcare Sector
The Department of Health & Human Services (HHS) released a concept paper outlining its strategy for improving cybersecurity infrastructure within the healthcare sector. The paper calls for proposing healthcare-specific cybersecurity performance goals that will include both minimum foundational practices and advanced goals for cybersecurity performance. By centralizing these performance goals into the Healthcare and Public…
Network Topology and Network Mapping: The NIST Cybersecurity Framework – Part 2
A previous installment discussed the centrality of network topology to an organization’s data security and outlined the legal framework and obligations incumbent upon many organizations in the U.S. The first installment can be found here. The second and final part of this series will discuss strategies for optimizing network topology and data security, focusing…
Network Topology and Mapping: Cornerstones of Data Security – Part 1
Data security is a top concern for organizations in today’s digital landscape. It protects data from unauthorized access, use, modification, or disclosure, and requires implementing technical, administrative, and physical measures to safeguard data from internal and external threats. Securing data is challenging in the current environment of multiplying cyber threats against small and large organizations…
Data Breach 911: Five Immediate Steps to Take
For many, responding to an incident feels chaotic — questions swirling, uncertainties piling up, and no clear direction. Even when prepared with a well-rehearsed incident response plan, a data security incident places a company’s response team in a precarious situation of juggling numerous variables at once. In the chaos of determining whether a breach has…