Breach Notification Rule

News & Analysis as of

Retail and Consumer Products Law Roundup - June 2016

President Signs Legislation Modernizing Federal Chemical Regulation Law - Overhaul of Toxic Substances Control Act (TSCA) has important business implications for consumer product manufacturers and retailers. ...more

Illinois Joins the Fray: Strengthens its Laws Around Data Breach Notification and Data Security

Sophisticated phishing scams and muscular hacking efforts continue to compromise personal and sensitive information held by insurers, hospital systems, and businesses large and small. In response, many states have...more

The Paper Trail: The Potential Data-Breach Sitting in your Printer

In April 2016, the sensitive personal medical information of NFL players was stolen from the car of a trainer who had left the files in a backpack in his locked car. In 2014, Safeway, Inc. settled charges brought by the...more

Top Takeaways from DWT’s Cloud & Big Data Conference

Davis Wright Tremaine hosted its fourth conference on the legal, regulatory, and commercial landscapes surrounding these rapidly emerging fields. What are the big lessons for your business? Cloud computing and big data...more

Tennessee Legislature Amends Data Breach Notification Statute - Encryption is No Longer an Automatic Safe Harbor

On March 24, 2016, Governor Haslam signed S.B. 2005 which amends Tennessee's data breach notice statute. The amended statute will go into effect on July 1, 2016. The new Tennessee breach notice requirements are triggered by...more

Insurers Face Increasing Data Breach Notice Obligations

Earlier this year, the National Association of Insurance Commissioners’ (NAIC) Cybersecurity Task Force proposed a comprehensive model law that covers, among other things, data security breach reporting. The model law...more

NAIC Task Force Continues Work on Insurance Data Security Model Law

On May 24 and 25, the National Association of Insurance Commissioners (the NAIC) Cybersecurity (EX) Task Force (the Task Force) hosted a meeting in which state insurance commissioners and interested parties were invited to...more

Privacy & Cybersecurity Update - May 2016

In this edition of our Privacy & Cybersecurity Update, we examine recent developments, including the U.S. Supreme Court's holding in Spokeo that consumer plaintiffs must show "real harm" to sue in federal court, the EU data...more

Illinois strengthens, expands scope of personal information protections

With the passage of the Illinois Personal Information Protection Act (HB1260) last month, Illinois substantially broadened the definition of personally identifiable information, and imposed requirements on data collectors for...more

Innocents Abroad: Lost laptop with customer data

Carrie, A couple of weeks ago, you wrote me about an employee who will be engaging in a six-month temporary assignment around Europe to scope market opportunities. The employee was Abbie Absent-Minded. Well, we hit a...more

Ransomware: Electronic Extortion for a Digital Era

Last month, the FBI asked the American Bar Association to share a cyberalert with its members warning of an increased risk of ransomware. Ransomware poses significant legal and operational risks to businesses. Personnel at...more

Laws Governing Data Security and Privacy – U.S. Jurisdictions at a Glance (updated for 2016)

The attached chart constitutes a summary of the laws of various jurisdictions that govern data breach notifications....more

Strict and far-reaching new EU data protection regime comes into force

The EU General Data Protection Regulation ("GDPR") is now in force, and the clock is officially ticking for businesses to bring their operations into line with its sweeping changes. On 4 May 2016, after more than four...more

Tennessee’s Data-Breach Notice Requirements Among the Nation’s Toughest

On July 1, 2016, Tennessee’s new notice requirements for breaches of data security systems which compromise an individual’s personal information will take effect. The amendments to Tennessee’s current rules, found at T.C.A....more

Georgia Attorney General Supports Federal Data Breach Standard

Georgia Attorney General Sam Olens has come out in support of federal data breach preemption as a more realistic way to ask companies to comply with regulatory requirements in the wake of a breach or data loss incident.  His...more

Canada's PIPEDA: consultation opportunity for data breach reporting regulations

The Canadian government continues to move forward with the regulation development process relating to data breach reporting....more

HIPAA Phase 2 Audits: Actions Not Just Words

Action Item: With the commencement of Health Insurance Portability and Accountability Act (“HIPAA”) Phase 2 audits, and the increase in HIPAA enforcement activity, covered entities and business associates need to take HIPAA...more

Breach Response Portal Added by Massachusetts Regulator

If you have had to provide data breach notices across any number of states (and who hasn’t….), you would know that they vary widely in how those notices must be provided to state regulators. In some states (for example,...more

New HIPAA Phase 2 Audits: Targets Notified by Email Only

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced the long-awaited launch of Phase 2 of its HIPAA Audit Program (Phase 2 Audits). The Phase 2 Audits will review the policies...more

OCR Releases Updated HIPAA Audit Protocol and Business Associate Listing Template

The Office of Civil Rights (OCR) recently updated the audit protocol that it will be using to assess Covered Entities’ and Business Associate’s compliance with the Health Insurance Portability and Accountability Act (HIPAA)...more

Health Law Insights Newsletter - Issue 8 - April 2016

McCarter & English, LLP’s Health Care Group presents Issue 8 of the Health Law Insights, which discusses the latest legal issues in the health care industry. NATIONAL - New Payment Model for Part B Drugs Proposed -...more

OCR issues audit protocol and targets over 800 entities—business associates too

The Office for Civil Rights (OCR) has issued its revamped audit protocol for its second phase of auditing covered entities and business associates’ compliance with the HIPAA Privacy, Security and Breach Notification Rules....more

Government Issues New Tool to Help Mobile App Developers Identify Applicable Federal Laws

This week, the Federal Trade Commission (FTC or Commission) released an interactive tool (entitled the “Mobile Health Apps Interactive Tool”) that is intended to help developers identify the federal law(s) that apply to apps...more

Federal Agencies Provide User-Friendly Guidance on Compliance with Data Privacy Laws

How federal privacy laws apply to mobile health applications has been an area of significant ambiguity. Recently, the Federal Trade Commission’s (FTC), the U.S. Department of Health and Human Services (HHS) Office of Civil...more

Regulators Offer Guidance on Privacy and Security for Health App Developers

This month, the Federal Trade Commission (FTC) issued guidance on privacy and security best practices for health-related mobile apps, such as fitness apps connected with wearables, diet and weight loss apps, and health...more

340 Results
|
View per page
Page: of 14
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×