Data Privacy + Cybersecurity Insider
CYBERSECURITY Health Care Entities Continue to Get Pummeled by Cybersecurity Attacks The newest health care entity to be hit by a cyberattack is Ascension Health, which operates 140 hospitals and 40 assisted living facilities in 19 states. Ascension confirmed that it has been hit by a cybersecurity attack and that the attack has disrupted its clinical operations. Ascension detected the attack on May 8, 2024, and is in the process of investigating and responding to it. Read more ENFORCEMENT + LITIGATION Massachusetts Court to Determine the Legality of Snapchat Surveillance This week, the Massachusetts Supreme Judicial Court (SJC) reviewed a lower court’s dismissal of gun-related indictments against Richard Dilworth, Jr., related to the state’s refusal to disclose the bitmojis and usernames it used to conduct online surveillance through Snapchat accounts in 2017 and 2018. Read more Crumbl Sued for Disclosing Data to Stripe Without Consent In the latest surge of lawsuits against retailers for embedding tracking technology into websites, yummy cookie company Crumbl was sued on May 1, 2024, for allegedly embedding web-tracking technology allowing third-party processing company Stripe to obtain, without consumer consent, customers’ names, email and delivery addresses, geographic locations, IP addresses, and payment information when consumers surf Crumbl’s website without their consent. Read More Federal Trade Commission Continues to Target Healthcare Companies for Unauthorized Data Disclosures The Office for Civil Rights (OCR) of the Department of Health and Human Services (HHS) recently issued its Final Rule to modify HIPAA “to support reproductive health care privacy.” The Final Rule is in response to Executive Order 14076, where President Biden directed HHS to take actions to protect reproductive health information following Dobbs v. Jackson Women’s Health Organization and the following restrictive state laws enacted on abortion services. Read more DATA PRIVACY What’s in the Proposed American Privacy Rights Act? Congress is once again entertaining federal privacy legislation. The American Privacy Rights Act (APRA) was introduced by Senate Commerce Committee Chair Maria Cantwell (D-WA) and House Energy and Commerce Chair Cathy McMorris Rodgers (R-WA). Read more PRIVACY TIP #397 TikTok and ByteDance File Suit Against the United States TikTok, Inc. and ByteDance, Ltd., the owner of the TikTok app, filed suit against the United States on May 7, 2024, alleging that the Protecting Americans From Foreign Adversary Controlled Applications Act (“the Act”) is unconstitutional and is a violation of the free speech of 170 million Americans who use the app. But is the suit actually unconstitutional? Learn more in this week's Privacy Tip. Read more |



