All posts in Portable Devices

HIPAA’s Long Arm — and Why It’s a Good Thing

Daniel Solove
Founder of TeachPrivacy

HIPAA Training

Recently, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued its first resolution agreement and monetary penalty against a business associate (BA).

Continue Reading

Can the FBI Force Apple to Write Software to Weaken Its Software?

Daniel Solove
Founder of TeachPrivacy

Privacy Awareness TrainingA dramatic legal battle is taking place that will have dramatic implications for the future of technology, privacy, security, and the extent of government power.  The FBI obtained an order from a magistrate judge to force Apple to develop software to help the FBI break into an encrypted iPhone.

Continue Reading

Can the FBI Force Apple to Write Software to Weaken Its Software?

Daniel Solove
Founder of TeachPrivacy

title image

A dramatic legal battle is taking place that will have dramatic implications for the future of technology, privacy, security, and the extent of government power.  The FBI obtained an order from a magistrate judge to force Apple to develop software to help the FBI break into an encrypted iPhone.

Continue Reading

Lessons from the Latest HIPAA Enforcement Action

Daniel Solove
Founder of TeachPrivacy

HIPAA Training OCR Enforcementby Daniel J. Solove

Recently, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) publicized its resolution agreement in its HIPAA enforcement action against St. Elizabeth’s Medical Center (SEMC).  SEMC agreed to pay $218,000.

The case began with a complaint filed with OCR back in 2012 that employees were sharing PHI of nearly 500 patients via an online sharing application without a risk analysis on such activities being undertaken.  OCR investigation found that the medical center “failed to timely identify and respond to the known security incident, mitigate the harmful effects of the security incident and document the security incident and its outcome.”

Continue Reading

Cybersecurity: Leviathan vs. Low-Hanging Fruit

Daniel Solove
Founder of TeachPrivacy

Data Security Training Low-Hanging Fruit

by Daniel J. Solove

There are certainly many hackers with sophisticated technical skills and potent malicious technologies.  These threats can seem akin to Leviathan — all powerful and insurmountable.

Leviathan 01

It can be easy to get caught up focusing on the Leviathan and miss the low-hanging fruit of cybersecurity.  This low-hanging fruit consists of rather simple and easy-to-fix vulnerabilities and bad practices.

Continue Reading