FTC Settles IoT Enforcement Action; HHS Releases HIPAA/NIST Crosswalk; HHS Provides FAQs on Patient Fees for PHI Release; Judicial Redress Act Becomes Law
FTC Identifies Reasonable Security Measures Through IoT Enforcement Action
The Federal Trade Commission (FTC) settled charges with ASUSTek Computer, Inc. (ASUS), a manufacturer of home router and home networking (or “home cloud”) equipment, related to the security of the devices. According to the settlement, ASUS advertised that its home routers and networking equipment could protect the connected computers “from any unauthorized access, hacking, and virus attacks.” The FTC alleged, however, that ASUS did not secure data in a reasonable way and instead exposed consumers to hackers. The settlement emphasizes the FTC’s interest in securing devices connected to the Internet of Things (IoT) and provides additional guidance regarding the FTC’s view of “reasonable” security.Continue Reading Privacy & Cybersecurity Weekly News Update