Data Breach

News & Analysis as of

California Updates Data Breach Notification Statute; Provides Model Notification Form

On October 6, California Governor Jerry Brown signed into law two different updates to California’s data breach notification statute. Both updates will become effective on January 1, 2016....more

School Districts to Undergo Cybersecurity Audit

Missouri Auditor Nicole Galloway recently announced plans to conduct cybersecurity audits of five school districts. Coinciding with National Cybersecurity Awareness Month, the audits are intended to reveal how school...more

Data Breaches Are Not Academic: Colleges and Universities Should Take Appropriate Steps To Avoid or at Least Minimize Their...

Data breaches at colleges and universities are on the rise. These institutions are targets because their networks have access to a large amount of private information, including educational and medical records, as well as...more

AT&T issues “What every CEO Needs to Know About Cybersecurity”

We have reported before how CEOs, GCs and Boards are struggling with understanding and responding to cybersecurity risks within their organizations....more

California Amends Definition of Personal Identifiable Information and Breach Notification Content Requirements

On October 6, 2015, California Governor Jerry Brown signed into law several changes to California’s Data Breach Notification Statute. The law, as amended, adds additional categories of information into the definition of...more

New PCI Guidance Provides Businesses With Security Incident Response Assistance

A security event involving payment card data, especially card present data, can be one of the most costly events a company may face. Not only did a recent study report the average total cost of a data breach as $3.8 million,...more

VA OIG reports patient data at risk with vendor

The Department of Veterans Affairs’ Office of Inspector General recently issued a report, following a complaint that the VA Palo Alto Health Care System put veterans’ health information at risk when it allowed personnel of a...more

Privacy Tip #4—What do I do when I get a letter informing me of a data breach?

We’ve all gotten them–the dreaded letter that informs us that our data has been compromised, including our Social Security number. Some have received so many of these “notifications” that they are de-sensitized, throw their...more

New challenges created by China’s new draft cybersecurity law

In July 2015, China released its new draft cybersecurity law (the ‘Law’), which will potentially have far-reaching consequences for network operators and companies doing business in China....more

6,400 American Bankers Association members’ usernames and passwords compromised

Late last week, the American Bankers Association disclosed that its computer systems had been compromised exposing thousands of members’ personal information. The hacking occurred through its website’s shopping cart tool,...more

OIG report spurs OCR to announce phase 2 audits

On September 29, it was revealed that the HHS Office for Civil Rights (OCR) will commence Phase 2 of its HIPAA audit program in “early 2016.” OCR’s revelation regarding the Phase 2 audits, which had been the subject of...more

Scottrade announces data breach affecting 4.6M customers

Scottrade, a retail brokerage firm, announced late last week that it suffered an intrusion by cyber hackers who stole client contact information of 4.6 million customers. The intrusion occurred between late 2013 and early...more

Investment Adviser Settles SEC Cybersecurity Enforcement Action; SEC Issues Investor Alert

On September 22, the U.S. Securities and Exchange Commission (“SEC”) and R.T. Jones Capital Equities Management, Inc. (“R.T. Jones”), a St. Louis-based investment adviser, settled charges that R.T. Jones failed to adopt...more

Strike Suit Offers Conjectures, And Little More, About Scottrade Data Breach

As reported on Friday in the Krebs on Security blog, online broker Scottrade had sent an e-mail to customers earlier that day stating that it recently had learned from law enforcement officials that Scottrade was one of a...more

Court Grants Standing Against Coca-Cola Employer for Breach of Employee Information

The decision does not change the law on what is necessary to prove standing, although it does reinforce the notion that a plaintiff will have standing if he or she can allege a concrete injury. In the latest in a slew of...more

SEC Brings First Cybersecurity Enforcement Proceeding in Wake of Risk Alert

Highlights Areas of High Risk and Examination Priorities for Financial Industry Firms - On September 15, the U.S. Securities and Exchange Commission’s (SEC’s) Office of Compliance, Inspections and Examinations (OCIE),...more

The SEC Opens Up a New Front in the Cybersecurity Wars

For the last few years, the SEC has been issuing guidance as to appropriate cybersecurity policies and procedures for financial firms. In a move that signal’s the regulator’s willingness to put muscle into its cybersecurity...more

EXPECT FOCUS: Onboard Technology, NAIC Cybersecurity, DOL, ACA Litigation, SEC Regulation (Vol. III, Summer 2015)

In This Issue: IN THE SPOTLIGHT - - Your Data Breach Collided With My Personal Injury Coverage LIFE INSURANCE - - Phantom Injury Dooms “Shadow Insurance” Case - Latest NAIC Cybersecurity News - A...more

SEC Fines Investment Firm $75,000 for Failing to Adopt Written Cybersecurity Policies and Procedures

Investment firm R.T. Jones Capital Equities Management (R.T. Jones) has agreed to settle with the Securities and Exchange Commission (SEC) and pay a $75,000 penalty over charges that it failed to adopt written policies and...more

Hacked Investment Advisor Fined $75,000 for Lack of Cyber-Security Measures

Many in the investment advisory community are following the story of R.T. Jones Capital Equities Management, an investment advisor that, according to the Securities and Exchange Commission (SEC), suffered a hack exposing the...more

[Webinar] Information Security: Background & Recent Developments - Oct. 15th, 12:00pm ET

Join us for an in-depth webinar presented by litigation attorneys James Ward and Phil Stein on the trending topic of information security and how to protect your company from a data breach. This webinar will address what you...more

Trump Hotel Collection Confirms Year-Long Data Breach

Trump Hotel Collection, the high-end hotel chain owned by the billionaire Republican presidential hopeful and real estate developer Donald Trump, has confirmed a data security breach involving malware that the company says...more

OIG Calls for Stronger HIPAA Compliance Efforts

The OIG has issued two reports calling for stronger ONC oversight of covered entity compliance with HIPAA standards. In the first report, “OCR Should Strengthen Its Oversight of Covered Entities’ Compliance with the HIPAA...more

[Webinar] Cloud Computing 101- How It Works, What Are Its Risks and What Are Its Rewards - Oct. 14th, 12:00pm CDT

Are you using the Cloud? Are you thinking about using the Cloud? Are you confused by why you should care about the Cloud or what the Cloud has to offer? Are you concerned there are issues with using the Cloud that you're not...more

Defense Contractors – Under the DOD’s Interim Rule, It Is Time Once Again To Update Your Data Breach Response Plans

In an interim final rule published on October 2, another layer has been added to the compliance landscape for defense contractors. In addition to complying with breach notification requirements in as many as 47 different...more

1,706 Results
View per page
Page: of 69

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.