What’s New in Reasonable Security?

Recent developments on ‘reasonable security’ and the cybersecurity industry. Keep current on the evolution of regulatory requirements and how it may affect you.

US Fertility Reaches $5.75M Data Breach Settlement | HEALTH IT SECURITY

“USF failed to take adequate and reasonable measures to ensure its computer/server systems were protected against unauthorized access and failed to take actions that could have stopped the Data Breach before it occurred,” the complaint stated.”

The Quest for “Reasonable Security” Part One: Obtaining Reasonable Security Using State Legislation and Enforcement Action as a Guiding Light | R STREET

The Increasing Importance of Cybersecurity Readiness in the Municipal Bond Market: How Public Institutions Can Respond | JD SUPRA – PARKER POE

While practice likely cannot “make perfect” in an era of constant cyberattacks, it can greatly decrease the likelihood of a material breach and, if one does happen, can serve as a strong example of reasonable security measures that the institution employed to guard the information in its care.

New Jersey Passes Comprehensive Consumer Privacy Law | NATIONAL LAW REVIEW – EPSTEIN BECKER GREEN

“Cybersecurity: Controllers and processors must take reasonable measures to establish, implement, and maintain administrative, technical, and physical data security practices to protect the confidentiality, integrity, and accessibility of personal data and to secure personal data during both storage and use from unauthorized acquisition.”

FTC Launches Claims Process for Victims of CafePress Data Breach | CHESCO

“The agency alleged that CafePress failed to put in place reasonable security measures to safeguard sensitive information stored on its network.”

FTC Imposes 5-Year Ban on Rite Aid’s ‘Reckless’ Use of AI-Based Facial Recognition | RETAIL TOUCHPOINTS

“The Federal Trade Commission (FTC) has prohibited Rite Aid from using facial recognition technology in its stores, claiming the retailer failed to implement reasonable security procedures and prevent harm to consumers.”

NY AG Reaches $400K Settlement With Healthplex Over Data Breach | HEALTH IT SECURITY

“Healthplex admitted no wrongdoing but agreed to the $400,000 settlement to resolve the allegations. The settlement also stated that Healthplex would comply with HIPAA by maintaining reasonable security policies to safeguard protected health information.”

What are the Penalties for HIPAA Violations? | HIPAA JOURNAL

Reasonable in HIPAA.