W e l c o m e  t o  B r i g h t l y  I n s i g h t s

University of Rochester Medical Center Faces $3 million Fine After Data Breach

The University of Rochester Medical Center (URMC) will pay $3 million in fines for failure to encrypt mobile devices and other HIPAA violations, it was announced in November. 


With more than 26,000 employees, URMC is one of the biggest health systems in the state of New York. 


In addition to the $3 million penalty, URMC will be forced to adopt a corrective action plan to address all aspects of noncompliance found in the investigation following the data breach.


You can read the full article here:

From Security Boulevard: A Look at Some of the Biggest Data Breaches of 2019

This week, Security Boulevard published an article taking a look at some of the biggest and most impactful data breaches seen this year. 

Included on the list were First American Financial, Facebook, Fortnite, and more. Each of the breaches mentioned impacted hundreds of millions of people and were largely due to simple failures in systems or lack of adequate security measures. 

The article says that each of these breaches was preventable: "... the troubling reality is that most data breaches from 2019, including all those summarized below, could have been prevented with basic security hygeine." 

Read the full article here:

AIM Executive Weighs in on How Businesses Should Approach CCPA Regulations

AIM Managing Partner Philip Gow spoke with PIMA Insights last week about how businesses should prepare for and achieve compliance with new CCPA regulations set to take effect in January. In the interview, Gow described that even businesses with knowledge about compliance may not have the resources or expertise to execute and achieve full compliance with the new regulations. 

Setting your organization up for success in the future is crucial Gow said, and may require the use of third-party resources or outside firms. 

Read the full article here:

T-Mobile Breach Puts Data of 1 Million+ Customers at Risk

T-Mobile confirmed a breach affecting more than 1 million of its customers on November 22nd. The data exposed to the malicious actors includes name, billing address, phone number, account number, and details about the customer's T-Mobile plan. All T-Mobile customers known to be affected have been notified.

Read more here: