A recently introduced bill in the Florida Legislature would provide businesses operating in Florida, including health care providers, with a legal defense to data breach lawsuits if they maintain robust cybersecurity measures that meet government- and industry-recognized standards. Specifically, Florida House Bill No. 473 (H.B. 473), known as the Cybersecurity Incident Liability Act, was

Ransomware attacks that shut business down to zero and data breaches that disclose the personal information of customers, vendors and employees justifiably strike fear in the hearts of executives everywhere. Organizations can suffer the reputational and financial consequences of these events for years to come. Due diligence in the current regulatory environment requires a plan

The Department of Health & Human Services (HHS) released a concept paper outlining its strategy for improving cybersecurity infrastructure within the healthcare sector. The paper calls for proposing healthcare-specific cybersecurity performance goals that will include both minimum foundational practices and advanced goals for cybersecurity performance. By centralizing these performance goals into the Healthcare and Public

A previous installment discussed the centrality of network topology to an organization’s data security and outlined the legal framework and obligations incumbent upon many organizations in the U.S. The first installment can be found here. The second and final part of this series will discuss strategies for optimizing network topology and data security, focusing

Data security is a top concern for organizations in today’s digital landscape. It protects data from unauthorized access, use, modification, or disclosure, and requires implementing technical, administrative, and physical measures to safeguard data from internal and external threats. Securing data is challenging in the current environment of multiplying cyber threats against small and large organizations

As Cybersecurity Awareness Month comes to an end and the spooky season of Halloween is upon us, no one wants to live through a cybersecurity horror story. There are some simple precautions every business and household can participate in to help keep their data and information safe. We have outlined a few below with a

The construction sector is known for its perennial pursuit of efficiency, quality, and safety. In recent years, one of the tools the sector has started leveraging to achieve these goals is predictive maintenance (PM), specifically the implementation of artificial intelligence (AI) within this practice. This approach, combined with continuous advancements in AI, is revolutionizing the

As cyber threats have evolved and expanded, cybersecurity has emerged as a threat to organizations across sectors, and there is more urgency than ever for companies to remain vigilant and prepared. Cybersecurity incidents can come with legal implications and lead to substantial financial losses, and members of the board must increasingly be involved and knowledgeable

The Department of Defense Inspector General (DoDIG) recently released its “Audit of the DoD’s Implementation and Oversight of the Controlled Unclassified Information [CUI] Program” (DODIG-2023-078). The audit highlights some of DoD’s challenges in implementing the CUI Program and provides recommendations on how to make the program work better. The DoD’s response to the

Effective July 1, 2023, a new Florida law will limit certain health care providers from storing patient information offshore. CS/CS/SB 264 (Chapter 2023-33, Laws of Florida), amends the Florida Electronic Health Records Exchange Act to require health care providers who use certified electronic health record technology to ensure that patient information is physically maintained

Federally insured credit unions are now required to report a cyber incident to the National Credit Union Administration (NCUA) Board within 72 hours. This final rule was unanimously approved by the NCUA on February 17, 2023 and will take effect September 1, 2023 – giving credit unions just over 6 months to update their data