U.S. agencies are warning U.S. businesses to batten down their cybersecurity defenses to guard against the WannaCry ransomware threat sweeping the globe.
The breaking news here today of a data breach at Premera Blue Cross, following on the heels of the recent announcements of large-scale data breaches at Anthem, is another reminder that employers and other health plan sponsors, fiduciaries and insurers specifically, and U.S. businesses generally, need to take immediate steps to assess and tighten up their privacy, data security and data breach compliance and risk management. Health plans and their employers, administrators, insurers, and other vendors and service providers need to take immediate steps to conduct documented investigations, provide mandated breach notifications and take other actions that the Privacy, Security & Breach Notification Rules imposed by the Health Insurance Portability & Accountability Act and other potentially applicable laws require. Depending on the scope of data impacted and their involvement with the impacted plans, employers or other plan sponsors, fiduciaries, administrators and service providers also may be subject to additional responsibilities under the fiduciary responsibility requirements of the Employee Retirement Income Security Act of 1974 (ERISA), the Internal Revenue Code, and a host of other laws. Insurance industry or other vendors providing services to these plans also may face specific responsibilities under applicable insurance, health care, federal or state identity theft, privacy or data security, or other federal or state laws.
The need for prompt assessment and action is not necessarily limited to health plans and organizations sponsoring, administering or doing business with the plans involved in the Premera or Anthem breaches. The reports of these and other health plan breaches, as well as recent reports of identity theft and other fraud impacting federal tax returns and other large data breach reports involving retailers and other prominent businesses, are spurring recognition of the large risks and the need for greater scrutiny of, and accountability for, business collection, use, and protection of sensitive personal and other data.
Businesses using mobile devices or applications, and mobile device or other technology developers and providers, need to get serious about security. With technology and other business providers' use of mobile applications in marketing and other business uses proliferating, the …