Breach Notification Rule

News & Analysis as of

HHS-OCR Announces Guidance On HIPAA Compliance And Cloud Computing

On October 6, 2016, the Department of Health and Human Services Office for Civil Rights (“OCR”) issued guidance on complying with HIPAA privacy, security, and breach notification rules when using cloud computing technology...more

Cybersecurity Data Breaches and Mandatory Privacy Breach Reporting: Lessons from Alberta

In an increasingly interconnected and digitized world, data breaches have become ever more common. The wealth of personal information that corporations have in their possession means that such breaches can occur in even the...more

California Updates Data Breach Notification Statute for 2017

California, which has historically been one of the states at the vanguard of data breach notification issues, has made an update to its statute that takes effect on January 1, 2017. The update will require companies to notify...more

New York's New Cybersecurity Rules: What Is Required?

The new cybersecurity rules proposed by the New York State Department of Financial Services require financial services institutions to have extensive cybersecurity protections in place; including cybersecurity programs,...more

Advertising Law - October 2016 #2

No Shades of Gray in Order Banning Supplement Claims - In a case based on a referral from the National Advertising Division, the Federal Trade Commission obtained summary judgment and a final order against an advertiser...more

Data Breach Decision Points: Part 2

The best way for a company to handle a data breach is to be prepared. As we discuss in our data breach readiness handbook, preparation includes, among other things, drafting an incident response plan, reviewing...more

FCC Chairman Moves to Regulate Broadband Consumer Privacy

On October 6, Federal Communications Commission (FCC) Chairman Tom Wheeler released a factsheet outlining proposed rules aimed at protecting broadband consumers’ privacy. The proposed rules would apply to internet service...more

UK ICO issues largest ever fine for a data breach

The UK Information Commissioner's Office (the "ICO") has issued a record fine of £400,000 to a UK telecoms company, in connection with a data breach that took place in October 2015. The fine, and the related adverse...more

Trick or Treat: The FCC Releases Privacy Regulations for Internet Service Providers

On October 6, 2016, the Federal Communications Commission (FCC) revealed its revamped broadband privacy regulations. In March, the FCC initially proposed privacy rules which were highly criticized by everyone from the Federal...more

Avoiding management struggles when it comes to data breaches: Part 1

The best way for a company to handle a data breach is to be prepared. As we discuss in our data breach readiness handbook, preparation includes, among other things, drafting an incident response plan, reviewing...more

Despite Plaintiffs Satisfying Standing Requirements, Barnes & Noble Closes the Book on Data Breach Class Action

In data breach class actions, standing is often the major obstacle, and has taken on renewed focus following the U.S. Supreme Court’s ruling in Spokeo v. Robins, 136 S. Ct. 1540 (May 24, 2016). See, e.g., Federal Court Finds...more

California Expands Data Breach Notification Law

California’s data breach notification law is already considered the most stringent in the United States. Based on a new amendment recently signed into law, the law will soon get even tougher....more

Trump Hotel Settles with NY Attorney General Over Credit Card Breaches

Trump International Hotels Management has agreed to pay the State of New York $50,000 for two data breaches that exposed over 70,000 customer credit card numbers and other personal information, according to New York Attorney...more

NAIC Revised Draft Insurance Data Security Model Law Continues to Raise Significant Industry Concerns

The National Association of Insurance Commissioners (NAIC) Cybersecurity (EX) Task Force has received significant industry comments regarding its revised draft Insurance Data Security Model Law issued August 17, 2016 (the...more

U.S. Senators Want Answers: Yahoo’s Unacceptable Delay In Data Breach Announcement

The aftermath of Yahoo’s data breach has raised a number of questions from customers, law enforcement, and most recently six U.S. Senators. Yesterday, Senators Patrick Leahy, Al Franken, Elizabeth Warren, Richard...more

Breach Notification law: Yahoo’s Breach and the Duty to Disclose

Last week, Yahoo disclosed that in 2014 it suffered one of the largest data breaches in history, with at least 500 million Yahoo accounts compromised.  Given the timing of its acquisition deal with Verizon, Yahoo has been...more

New York Attorney General Announces Settlement With Trump Hotel Over Two Data Security Incidents

On September 23, 2016, New York Attorney General Eric T. Schneiderman announced a settlement with Trump International Hotels Management LLC, d/b/a Trump Hotel Collection (“THC”), imposing $50,000 in penalties and ongoing...more

Yahoo Announces Large Data Breach

On September 22, 2016, Yahoo issued a statement confirming that hackers infiltrated its systems in late 2014 and lifted account data tied to at least 500 million users. In its press release, Yahoo said that a recent...more

As Goes New York So Goes The Nation? Ten Highlights From New York’s Proposed Cybersecurity Rules For Banks, Insurance and...

In a presidential election year, Americans are often reminded that “As Ohio goes, so goes the nation.” When it comes to banks, insurers and financial institutions, it may be equally true to say “As goes New York, so goes the...more

Four States Expanded Employer Data Breach Notification Obligations in 2016

With over 680 security breaches reported so far in 2016, more employers are being forced to confront the issue of how to respond to a breach. All states except Alabama, North Dakota and New Mexico now require notification...more

Quick Thoughts About the Yahoo Breach

Another day, another 500 million Yahoo accounts reached. Our friends at the FTC are right on top of this with guidance for individuals with Yahoo accounts. First and foremost, change your Yahoo password....more

New York State Department of Financial Services Proposes Cybersecurity Regulations for Financial Services Companies

If the New York State Department of Financial Services (“DFS”) has its way, come January 1, 2017, financial services companies that require a form of authorization to operate under the banking, insurance, or financial...more

Healthcare Data Breach Enforcements and Fines At A Glance

The Department of Health and Human Services’ (“HHS”) Office for Civil Rights (“OCR”) is responsible for enforcing the Privacy and Security Rules of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”)....more

Taking Measure of HIPAA Enforcement

Last month, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced the largest settlement to date for alleged violations of the Health Insurance Portability and Accountability Act (HIPAA)....more

Questions Remain Regarding Revised NAIC Data Security Model Law

The National Association of Insurance Commissioners (NAIC) Cybersecurity (EX) Task Force released its second version of the Insurance Data Security Model Law (Model) on August 17. The first version was exposed on March 3, and...more

405 Results
View per page
Page: of 17
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.