The New York Attorney General's Office reached an agreement with Refuah Health Center to invest USD1.2 million in cybersecurity measures after allegedly failing to protect patient data from a ransomware attack. The company must pay USD450,000 in penalties and take steps such as upkeep an information security program, require multifactor authentication to remotely access data and conduct audits to ensure limited user access.
10 Jan. 2024
Health care provider agrees to invest in cybersecurity protections
RELATED STORIES
A view from DC: The beginning of the end of the free flow of data
Notes from the IAPP Canada: Privacy community is active, why aren't politicians?
A view from Brussels: Are IT leaders seeing it as well?
UK Data Use and Access Bill offers familiar proposals, eye toward EU adequacy
Top operational impacts of reforms to Australia's Privacy Act