Top Stories
Trial of Former Uber Executive Has Security Officials Worried About Liability for Hacks - WSJ
Some of Mr. Sullivan’s peers said they view the case as a test of the potential criminal penalties they could face over security lapses or challenges that aren’t always black and white.
Breaches
Late notification raises questions about a US Radiology Specialists breach last year
As keen eyes have noticed, two radiology services — Gateway Diagnostic Imaging in Texas and Radiology Ltd in Arizona — recently submitted breach notices to the Montana Attorney General’s Office. Both notices reported an incident in December 2021. But were these separate incidents, or were they both the result of a third-party breach?
Law Firm Says Year-Old Hack Affected PHI of 255,000 People
Warner Norcross & Judd LLP on Aug. 24 reported to the U.S. Department of Health and Human Services a hacking/IT incident involving a network server and affecting the PHI of 255,160 individuals.
Security
LEAK: Commission to introduce cyber requirements for Internet of Things products – EURACTIV.com
The proposal for a Cyber Resilience Act that will be presented next week will mandate baseline cybersecurity standards for all connected devices and stricter conformity assessment procedures for critical products, according to a draft seen by EURACTIV.
Baxter Sigma Spectrum Infusion Pump | CISA
Four remotely exploitable medical device security vulnerabilities are impacting certain Sigma and Baxter Spectrum infusion pumps.
5 Security Vulnerabilities Found in Contec Vital Signs Patient Monitors
The Cybersecurity and Infrastructure Security Agency (CISA) released a medical device advisory outlining five vulnerabilities found in Contec Health’s CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor.
Privacy
CCPA/CPRA grace period for HR and B2B ends Jan. 1
CCPA/CPRA will become fully operational on Jan. 1, 2023, for B2B and HR personal information and will be subject to the same rigorous California privacy regulations as "consumer" personal information.
California Age-Appropriate Design Code final passage brings mixed reviews
The bill, which awaits enactment by Gov. Gavin Newsom, D-Calif., after unanimously passing the State Assembly and Senate, is an online safety bill containing unique privacy requirements to protect minors age 17 and under. If enacted, the bill would enter into force Jan. 1, 2024.
Misc
CVS Makes $8 Billion Bet on the Return of the House Call - The New York Times
The drugstore giant CVS Health said on Monday that it would acquire Signify Health, which runs a network of doctors making house calls, for roughly $8 billion in a deal that cements the pharmacy chain’s move away from its retail roots.
The US May Soon Learn What a ‘Kid-Friendly’ Internet Looks Like | WIRED
This week, the California legislature voted unanimously to pass the California Age-Appropriate Design Code Act. Once Governor Gavin Newsom signs the bill into law, the code will require sites and apps that serve users under 18 to “consider the best interests of children when designing, developing, and providing” their products. The ADCA could be the United States’ biggest step toward comprehensive online protections for kid users yet.