Breach Notification Rule Data Breach

News & Analysis as of

Strict and far-reaching new EU data protection regime comes into force

The EU General Data Protection Regulation ("GDPR") is now in force, and the clock is officially ticking for businesses to bring their operations into line with its sweeping changes. On 4 May 2016, after more than four...more

Tennessee’s Data-Breach Notice Requirements Among the Nation’s Toughest

On July 1, 2016, Tennessee’s new notice requirements for breaches of data security systems which compromise an individual’s personal information will take effect. The amendments to Tennessee’s current rules, found at T.C.A....more

Georgia Attorney General Supports Federal Data Breach Standard

Georgia Attorney General Sam Olens has come out in support of federal data breach preemption as a more realistic way to ask companies to comply with regulatory requirements in the wake of a breach or data loss incident.  His...more

Canada's PIPEDA: consultation opportunity for data breach reporting regulations

The Canadian government continues to move forward with the regulation development process relating to data breach reporting....more

Breach Response Portal Added by Massachusetts Regulator

If you have had to provide data breach notices across any number of states (and who hasn’t….), you would know that they vary widely in how those notices must be provided to state regulators. In some states (for example,...more

New HIPAA Phase 2 Audits: Targets Notified by Email Only

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced the long-awaited launch of Phase 2 of its HIPAA Audit Program (Phase 2 Audits). The Phase 2 Audits will review the policies...more

Tennessee Significantly Strengthens Its Data Breach Notification Requirements

On March 24, 2016, Tennessee Governor Bill Haslam signed into law Senate Bill 2005 to strengthen Tennessee’s data breach notification requirements. Under the new law, an information holder must provide notice to residents of...more

State Data Security Breach Notification Laws - April 2016

The general definition of “personal information” used in the majority of statutes is: An individual’s first name or first initial and last name plus one or more of the following data elements: (i) Social Security number, (ii)...more

Privacy Tip #27 – Complying with the new Rhode Island data security law

As we mentioned before, Rhode Island amended its Identity Theft Protection Act on June 30, 2015, which will become effective on June 26, 2016. Now is the time to think about and put processes in place for compliance with the...more

Tennessee Amends Breach Notification Statute

On March 24, 2016, Tennessee’s breach notification statute was amended when Governor Bill Haslam signed into law S.B. 2005. Under the amendment, notification of a data breach must now be provided to any affected...more

Utah’s Personal Information Protection and Data Breach Laws

Utah, like most U.S. states, has enacted laws concerning data security and steps to take when a data breach occurs. Here is what Utah law provides as codified in Utah Code Ann §§ 13–44–101 et seq. The law has been in effect...more

California AG Harris Issues Data Breach Report

On February 16, California AG Kamala Harris released a report analyzing data breaches reported to her office from 2012 through 2015. During that time period, the report identifies 657 data breaches that compromised more than...more

Plan Now to Comply with New Rhode Island Identity Theft Protection Act

Businesses, organizations, state and local governmental entities and individuals who collect and store personal information about Rhode Island residents should start planning now to comply with the new Rhode Island Identity...more

Government Investigations Into Cybersecurity Breaches In Healthcare

In September 2015, a U.S. Department of Health and Human Services (HHS), Office of the Inspector General (OIG), report found that the Office of Civil Rights (OCR), the agency charged with ensuring compliance with the Health...more

Privacy vs. Data Security: Why Plaintiffs in Consumer Data Breach Cases Still Have a Long Way to Go

The year 2005 really marked the beginning of the “era of data breaches,” and with it, the “era of data breach lawsuits.” The ChoicePoint data breach in late 2004, which first became newsworthy in early 2005, was the catalyst....more

Laws Governing Data Security and Privacy – U.S. Jurisdictions at a Glance (updated for 2016)

The chart blow constitutes a summary of the laws of various jurisdictions that govern data breach notifications. Please see full Publication below for more information. ...more

New Cybersecurity Law – Are You Prepared?

On December 18, 2015, President Obama signed into law the Cybersecurity Act of 2015. Beginning at Division N, Public Law 114-113 deals with cyber threats and includes the means and methods by which the private sector may...more

Legal Trends: Cybersecurity

New privacy torts have recently emerged in certain Canadian jurisdictions, including intrusion upon seclusion and publicity given to private life. Intrusion upon seclusion allows a plaintiff to sue if (1) a person has...more

A Primer on the GDPR: What You Need to Know

Now that it’s been approved by the EU Parliament’s Civil Liberties Committee, Europe’s General Data Protection Regulation (the “GDPR” or the “Regulation”) is well on its way to replacing the 20-year-old Data Protection...more

Gavel to Gavel: Data Breaches

While every business owner should understand the importance of protecting the personal information of customers and employees, the legal obligations resulting from a data breach may not always be clear. Originally...more

EU Cyber Security Directive (CSD) Introduces Cross Sector Data Breach Notification

The European Parliament, the Council and the Commission have agreed on the first EU-wide legislation on cybersecurity. Under the new measure, internet companies such as Google, Amazon, eBay and Cisco, but not social...more

Australia’s Proposed Data Breach Notification Law: What’s The Harm In A “Real Risk of Serious Harm” Standard?

Last week, the government of Australia released an “Exposure Draft” of a bill that, if passed into law, would amend Australia’s Privacy Act to require notification to the government and affected individuals in the event of a...more

Alert: California and the EU’s Changing Privacy Laws

Privacy law has traditionally focused on an individual’s right to privacy vis-à-vis a government’s physical intrusion. Privacy law, however, has morphed in recent years to address concerns of the digital age, including data...more

California Amends Breach Notification Law: Unique New Refinements and Requirements

The California legislature has again amended the state’s breach notification statutes to impose new and unique requirements and refinements, adding further complexity to the patchwork of breach notification requirements....more

NAIC Cybersecurity Task Force Adopts Cybersecurity Bill of Rights

On October 14, 2015, the National Association of Insurance Commissioners’ (NAIC) Cybersecurity Task Force adopted the Cybersecurity Bill of Rights, a document meant to inform consumers of the services they can expect from...more

226 Results
|
View per page
Page: of 10
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×