Privacy General Business

Read Privacy Law updates, news, and legal commentary from leading lawyers and law firms:
News & Analysis as of

OCR announces launch of Phase 2 of HIPAA audits

Although the Office for Civil Rights (OCR) has indicated in the past that it would start its next round of HIPAA audits, apparently it means business now. In the wake of an Inspector General report that the OCR was merely...more

Cacophony in the E.U. About National Data Retention Laws

The European Commission made it clear on September 16, 2015, that the issue of whether to introduce national data retention laws is a national decision. The European Commission has no intention of going back on this statement...more

SEC Settles Charges Against Investment Firm that Failed to Adopt Cybersecurity Policies Before Data Breach

Recently, the SEC announced that R.T. Jones Capital Equities Management, a St. Louis-based investment adviser, agreed to settle charges that it failed to establish the required cybersecurity policies and procedures before a...more

Back to School: A Primer on Cross-Border Discovery Issues

In September, the Sedona Conference released its latest publication on e-discovery matters, Practical In-House Approaches for Cross-Border Discovery & Data Protection, for public comment. The publication addresses a number of...more

Retail Industry EMV Compliance Deadline Arrives Today - Credit Card Fraud Liability Shifts

Starting today, October 1, 2015, a substantial portion of the liability associated with in-store fraudulent credit card purchases shifts from credit card issuers, such as banks or credit unions, to retail merchants. Credit...more

SEC brings first cybersecurity-related enforcement action

The Securities and Exchange Commission (“SEC”) recently settled its first cybersecurity-related enforcement action against a Missouri based registered investment adviser, R.T. Jones Capital Equities Management, Inc. (the ...more

Catching Up To Insurers’ Use of Big Data

Various groups within the NAIC are beginning to study the way in which insurers are using big data. On the property and casualty front, the Market Regulation (D) (Market Reg) Committee is reviewing the use of big data in...more

Fiat moves to dismiss proposed class action suit

Late last week, Fiat filed a Motion to Dismiss the proposed class action against it following reports of hacking into vehicle information systems and its announcement that it was recalling 1.4 million Dodge, Ram and Jeep...more

Latest NAIC Cybersecurity News

The National Association of Insurance Commissioners has announced three initiatives in furtherance of its goal to address cybersecurity issues faced by insurance companies, their state regulators, and consumers, which it...more

Blog: HHS To Launch New HIPAA Audits in Early 2016 in Response to OIG Reports

The Office of Inspector General (OIG) of the U.S. Department of Health and Human Services (HHS) issued two reports yesterday calling for the HHS Office of Civil Rights (OCR) to strengthen its Health Insurance Portability and...more

[Event] Cybersecurity, Data Breach, and Privacy:A Dialogue on the Rising Risks and Evolving Legal Landscape - Oct. 12th, Los...

Nossaman LLP and University of California, Irvine School of Law invite you to join us for this complimentary half-day seminar on recent developments in the areas of cybersecurity, data breach, privacy, and their implications...more

Hilton Hotel Properties investigating possible credit card breach

It has been reported that Hilton Hotel Properties (Hilton), including Embassy Suites, Doubletree, Hampton Inn and Suites and Waldorf Astoria is investigating credit card fraud alerts from banks, which have been alerted by...more

Appellate Court Notes

Supreme Court Advance Release Opinions: SC19253 - RBC Nice Bearings, Inc. v. SKF USA, Inc. [An important decision on contract waiver but one all attorneys should recall from the UCC or Contracts course we took...more

US-China Cyber Deal Big on Promises, Short on Action

In the aftermath of recent cyberattacks attributed to China’s government and citizens, many observers prepared for a rather uncomfortable state visit by Chinese President Xi Jinping last week. Then, as President Xi began his...more

SEC Penalizes Investment Adviser over Inadequate Cyber-Risk Program Prior to Data Breach

On September 22, the SEC ordered a Missouri-based investment adviser to pay a $75,000 penalty, settling allegations that the investment adviser failed to implement required written cybersecurity policies and procedures prior...more

SEC’s Increased Cybersecurity Enforcement and How to Reduce Your Risks

The SEC announced last week that an investment adviser had agreed to settle charges that it failed to take required steps to protect against and respond effectively to a cybersecurity breach. The action comes on the heels of...more

Hungary opens doors to BCRs

From the 1st of October 2015, a change in law will allow Hungary to accept Binding Corporate Rules (BCRs) as providing an adequate level of protection for cross-border transfers. This is a very welcome change from the...more

The SEC OCIE Announces Increased Scrutiny of Broker-Dealers’ and Investment Advisers’ Cybersecurity Programs

On September 15, 2015, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued a National Exam Program Risk Alert (2015 Risk Alert) to provide broker-dealers and investment...more

Investment Adviser Settles SEC Charges After Data Breach

Last week, the Securities and Exchange Commission (SEC) settled charges against a registered investment adviser for failing to comply with Rule 30(a) of Regulation S-P (17 C.F.R. § 248.30(a)) (“Safeguards Rule”). The...more

What's So Great About an Information Security Policy?

Lawyers and compliance professionals constantly tout the importance of internal information security policies, particularly in light of data privacy problems that are reported almost daily in the media. Admittedly, drafting...more

Recent Seventh Circuit Data Breach Ruling Could be Big Win for Plaintiffs and Big Headache for Retailers

For lawyers who frequently litigate class action lawsuits, whether or not the named plaintiffs have standing to bring a claim is one of the first issues that is analyzed and considered. Plaintiffs’ lawyers often look for...more

[Event] 2015 Business of Personalized Medicine Summit - Oct. 7, San Francisco, CA

Just as with patient treatments, one size does not fit all when it comes to companies involved in personalized medicine. Each is unique in its mission, culture, and capabilities, and so it should come as no surprise that each...more

Automakers receive request for information letters about vehicle-to-vehicle communications’ privacy

This week, Senator Ed Markey and Senator Richard Blumenthal sent letters to 18 automakers requesting an update on vehicle-to-vehicle communications’ (V2V) privacy and security. The Senators are seeking information on each...more

SEC Charges Investment Adviser with Failure to Adopt Proper Cybersecurity Policies and Procedures Prior to Cyberattack

On Tuesday, September 22, 2015, the SEC charged an investment adviser with failing to adopt a written policy and procedure reasonably designed to safeguard customer records and information. The charge spawned from a July 2013...more

Safe Harbor Put Into Question!

The 1995 EU Privacy Directive 95/46/EC provides that personal data of say, employees, to third countries, like the United States, may only be done with employee consent and only where the U.S. has ensured an adequate level of...more

2,322 Results
View per page
Page: of 93

Follow Privacy Updates on:

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.