May 26, 2021
"The PA health dept. is being sued, after employees of its vendor Insight Global set up an unsecured channel to share COVID-19 contact tracing data, exposing the PHI of 72,000 individuals."

Why this is important: The alleged exposure of COVID-19 contact tracing data is what is grabbing the headlines in this article, but it is the root cause that should cause readers to sit up and take notice. Employees of Pennsylvania’s vendor allegedly took data from internal systems and transferred it to Google’s online productivity suite for sharing and collaboration—leaving it unsecured and accessible by the public. This use of unapproved technologies by employees is often referred to as “shadow IT” because employers are often not aware of their use. And as the allegations here indicate, it can cause significant headaches for companies that find themselves subject to potential liability when those shadow IT systems violate legal requirements or lead to a data breach. This case therefore serves as a good reminder for employers to train their employees on the use of approved technologies and the avoidance of others. --- Joseph V. Schaeffer
"The innovation could reduce the side effects of cancer therapy and may hold the solution to better delivery of Covid-related therapies directly to the lungs."

Why this is important: This describes a study by the University of Zurich to "teach" a common respiratory virus to attack cancer cells only. The best description, from the article, is this: "Scientists at the University of Zurich have modified a common respiratory virus, called adenovirus, to act like a Trojan horse to deliver genes for cancer therapeutics directly into tumor cells. Unlike chemotherapy or radiotherapy, this approach does no harm to normal healthy cells. Once inside tumor cells, the delivered genes serve as a blueprint for therapeutic antibodies, cytokines and other signaling substances, which are produced by the cancer cells themselves and act to eliminate tumors from the inside out." How widely this can be applied is not yet clear. There are other therapies in development that use tumor genetic code to "teach" antibodies to attack cancer, but that is limited by using the genetic code of each person. Time will tell how effective these techniques become in the real world, but they are exciting. --- Hugh B. Wellons
"Autonomous vehicle experts who reviewed the video footage of the 41-minute trip posted on YouTube by the Waymo passenger say it shows a series of gaffes by the Waymo self-driving technology."

Why this is important: Joel Johnson's 147th Waymo ride provided a new experience: the driverless car stopped when it encountered traffic cones on the roadway and then shortly fled when a Waymo customer service driver appeared on the scene to take command of the vehicle. Waymo is the self-driving arm of Google's parent company, Alphabet. It operates a fully autonomous ridehail service in parts of Phoenix, Arizona. Johnson attests to the success of the service and explains all of his 146 prior rides occurred without incident. However, construction sites, traffic cones, and lane closures are known to be a challenge for the autonomous vehicles. Johnson's latest ride provides an example of some of the safety and legal issues that can arise from these vehicles. The Waymo minivan stopped abruptly and swerved into the adjacent lane when confronted with traffic cones. Drivers in that lane were forced to cross into a lane of oncoming traffic in order to avoid a collision with the Waymo minivan. If obstacles as ubiquitous as construction sites, traffic cones, and lane closures cause these issues, more work is needed before autonomous vehicles can take to the streets and highways nationwide. --- Nicholas P. Mooney II
"Between the threat of not recovering their encrypted files and the additional concerns of data breaches, government fines, and lawsuits, threat actors are banking on the idea that this would force victims to more readily pay a ransom."

Why this is important: Ransomware attacks have long been a problem, but they entered new national prominence this month when they temporarily shut down the Colonial Pipeline and disrupted the delivery of gasoline to parts of the East Coast. Historically, these ransomware attacks have encrypted businesses’ data, locking them out of their systems until they pay the demanded ransom. But recently, groups have turned to double-ransomware attacks—so named because the groups will steal data and lock the remaining network. This approach is intended to discourage businesses from avoiding the ransom payment by simply restoring their network, since they would still face the release of the stolen data. Though some have called for banning Bitcoin, the groups’ preferred payment form, as a means to halting these attacks, the best approach is a strong defense in the form of good security systems and well-trained employees. --- Joseph V. Schaeffer
"The virtual reality technology, known as NeuroFlex, is set to be used during matches as part of the head injury assessment process under a partnership between Rugby Australia, Rugby New Zealand and World Rugby."

Why this is important: Professional rugby is experimenting with a new software that uses special eye-tracking technology while wearing virtual reality goggles to determine if a concussion occurred. Of course, this will be used with other current methods to determine its effectiveness. Immediately after a concussion, some symptoms may not be obvious right away. The hope is that this new technology will aid doctors in making in-game decisions about whether, and to what extent, a concussion occurred. Of course, a general rule that if someone gets hit in the head, they don't go back into a game would also be good. Oh, that's right, this is "professional sports." --- Hugh B. Wellons
"People between the ages of 20 and 39 were hit particularly hard, representing about 44% of the reported losses."

Why this is important: As if the cryptocurrency crash last week was not bad enough, cryptocurrency scams have been on the rise since October, and these scams have cost people more than $80 million during that period. The FTC released data “show[ing] about 7,000 reports of crypto investment scams received by the agency since last fall, with a median loss of $1,900.” According to the FTC, scammers are posing as celebrities (Elon Musk, for example), government agencies, or crypto businesses (like Coinbase) in order to scam people. The FTC has provided guidance, located at, on how to spot scams related to cryptocurrency. The most important tip provided is to be wary of anyone who insists on being paid in crypto, gift cards, or wire transfers. Once the scammers have the crypto, the victim likely will not ever see that money again. Therefore, it is best to do your homework before you invest and be wary of anyone contacting you with a money-making idea. --- Kellen M. Shearin
"They have developed a technology called 'CopyCatcher,' which can detect and quantify events in which a genetic element is copied precisely from one chromosome to another during CRISPR-based gene editing."

Why this is important: Gene therapy is more complicated than most realize. We've discussed CRISPR-based gene therapy in the past. One of the challenges is that modifying a gene and encouraging that modification to spread involves a process of having chromosomes make that same change in other chromosomes, by cutting and amending them. Works great in fruit flies, not so well in more complex organisms, like humans. The CopyCatcher is a technology that helps to identify the genes modified, so that they can be counted to determine how effective the gene therapy is. --- Hugh B. Wellons
"Under the ban, such institutions, including banks and online payments channels, must not offer clients any service involving cryptocurrency, such as registration, trading, clearing and settlement."

Why this is important: China recently disclosed its latest move against cryptocurrencies. It is banning financial institutions and payment companies from providing any services to customers related to cryptocurrencies, such as trading, clearing and settlement of payments. This isn't China's first attempt to crackdown on the currencies. In 2017, it shut down its local cryptocurrency exchanges. In 2019, it announced it would block access to all domestic and foreign cryptocurrency exchanges and initial coin offering websites. The markets reacted with sharp reductions. One wonders if China's successful tests of its digital yuan coupled with its repeated moves against cryptocurrencies are all part of the same plan to move people away from those currencies and toward China's central bank digital currency. --- Nicholas P. Mooney II
"According to the National Vulnerability Database, 18,353 vulnerabilities were reported in 2020."

Why this is important: Cybercriminals target healthcare. Some even target devices (e.g., pacemakers, insulin pumps). Attacks on healthcare tripled in five years. This article explains some of the steps that manufacturers are taking to thwart this risk. The article is, however, written on behalf of medical device makers. Interestingly, it encourages a discussion of this risk. Not exciting, but it is informative. --- Hugh B. Wellons
This is an attorney advertisement. Your receipt and/or use of this material does not constitute or create an attorney-client relationship between you and Spilman Thomas & Battle, PLLC or any attorney associated with the firm. This e-mail publication is distributed with the understanding that the author, publisher and distributor are not rendering legal or other professional advice on specific facts or matters and, accordingly, assume no liability whatsoever in connection with its use.
Responsible Attorney: Michael J. Basile, 800-967-8251