Breach Notification Rule Data Breach

News & Analysis as of

FTC Releases a Data Breach Response Guide For Business

Data breaches are fast becoming a fact of life. Experiencing a data breach is never a pleasant experience, regardless of how it happens – by accident, by criminal intent, or by system failure. Someone steals a company...more

FTC Releases Data Breach Response Guide

On October 25, the Federal Trade Commission (FTC) released new guidance for businesses that outlines recommended actions to take when facing a data breach. This data breach response guide (Guide) follows the FTC's prior...more

HHS-OCR Announces Guidance On HIPAA Compliance And Cloud Computing

On October 6, 2016, the Department of Health and Human Services Office for Civil Rights (“OCR”) issued guidance on complying with HIPAA privacy, security, and breach notification rules when using cloud computing technology...more

Cybersecurity Data Breaches and Mandatory Privacy Breach Reporting: Lessons from Alberta

In an increasingly interconnected and digitized world, data breaches have become ever more common. The wealth of personal information that corporations have in their possession means that such breaches can occur in even the...more

California Updates Data Breach Notification Statute for 2017

California, which has historically been one of the states at the vanguard of data breach notification issues, has made an update to its statute that takes effect on January 1, 2017. The update will require companies to notify...more

Advertising Law - October 2016 #2

No Shades of Gray in Order Banning Supplement Claims - In a case based on a referral from the National Advertising Division, the Federal Trade Commission obtained summary judgment and a final order against an advertiser...more

Data Breach Decision Points: Part 2

The best way for a company to handle a data breach is to be prepared. As we discuss in our data breach readiness handbook, preparation includes, among other things, drafting an incident response plan, reviewing...more

FCC Chairman Moves to Regulate Broadband Consumer Privacy

On October 6, Federal Communications Commission (FCC) Chairman Tom Wheeler released a factsheet outlining proposed rules aimed at protecting broadband consumers’ privacy. The proposed rules would apply to internet service...more

UK ICO issues largest ever fine for a data breach

The UK Information Commissioner's Office (the "ICO") has issued a record fine of £400,000 to a UK telecoms company, in connection with a data breach that took place in October 2015. The fine, and the related adverse...more

Trick or Treat: The FCC Releases Privacy Regulations for Internet Service Providers

On October 6, 2016, the Federal Communications Commission (FCC) revealed its revamped broadband privacy regulations. In March, the FCC initially proposed privacy rules which were highly criticized by everyone from the Federal...more

Avoiding management struggles when it comes to data breaches: Part 1

The best way for a company to handle a data breach is to be prepared. As we discuss in our data breach readiness handbook, preparation includes, among other things, drafting an incident response plan, reviewing...more

Despite Plaintiffs Satisfying Standing Requirements, Barnes & Noble Closes the Book on Data Breach Class Action

In data breach class actions, standing is often the major obstacle, and has taken on renewed focus following the U.S. Supreme Court’s ruling in Spokeo v. Robins, 136 S. Ct. 1540 (May 24, 2016). See, e.g., Federal Court Finds...more

Trump Hotel Settles with NY Attorney General Over Credit Card Breaches

Trump International Hotels Management has agreed to pay the State of New York $50,000 for two data breaches that exposed over 70,000 customer credit card numbers and other personal information, according to New York Attorney...more

NAIC Revised Draft Insurance Data Security Model Law Continues to Raise Significant Industry Concerns

The National Association of Insurance Commissioners (NAIC) Cybersecurity (EX) Task Force has received significant industry comments regarding its revised draft Insurance Data Security Model Law issued August 17, 2016 (the...more

U.S. Senators Want Answers: Yahoo’s Unacceptable Delay In Data Breach Announcement

The aftermath of Yahoo’s data breach has raised a number of questions from customers, law enforcement, and most recently six U.S. Senators. Yesterday, Senators Patrick Leahy, Al Franken, Elizabeth Warren, Richard...more

Breach Notification law: Yahoo’s Breach and the Duty to Disclose

Last week, Yahoo disclosed that in 2014 it suffered one of the largest data breaches in history, with at least 500 million Yahoo accounts compromised.  Given the timing of its acquisition deal with Verizon, Yahoo has been...more

New York Attorney General Announces Settlement With Trump Hotel Over Two Data Security Incidents

On September 23, 2016, New York Attorney General Eric T. Schneiderman announced a settlement with Trump International Hotels Management LLC, d/b/a Trump Hotel Collection (“THC”), imposing $50,000 in penalties and ongoing...more

Yahoo Announces Large Data Breach

On September 22, 2016, Yahoo issued a statement confirming that hackers infiltrated its systems in late 2014 and lifted account data tied to at least 500 million users. In its press release, Yahoo said that a recent...more

Four States Expanded Employer Data Breach Notification Obligations in 2016

With over 680 security breaches reported so far in 2016, more employers are being forced to confront the issue of how to respond to a breach. All states except Alabama, North Dakota and New Mexico now require notification...more

Quick Thoughts About the Yahoo Breach

Another day, another 500 million Yahoo accounts reached. Our friends at the FTC are right on top of this with guidance for individuals with Yahoo accounts. First and foremost, change your Yahoo password....more

Questions Remain Regarding Revised NAIC Data Security Model Law

The National Association of Insurance Commissioners (NAIC) Cybersecurity (EX) Task Force released its second version of the Insurance Data Security Model Law (Model) on August 17. The first version was exposed on March 3, and...more

OCR Sets Sights on Smaller HIPAA Breaches

Covered entities and business associates can expect increased scrutiny for breaches of unsecured protected health information affecting fewer than 500 individuals. Starting August 2016, the U.S. Department of Health and Human...more

Summer Round-Up: Four States Bolster Data Breach Notification Laws and More Changes on the Way

As has become typical in the data security space, there was quite a bit of activity in state legislatures over the previous year concerning data breach notification statutes. Lawmakers are keenly aware of the high profile...more

OCR to Focus More Investigative Resources on Smaller HIPAA Breaches with Less Than 500 Individuals Affected

The Department of Health & Human Services (DHHS) Office of Civil Rights (OCR) recently announced it will devote more resources to investigate smaller HIPAA breaches. Before this announcement, OCR typically opened...more

OCR to Investigate More HIPAA Breaches Affecting Fewer Than 500 Individuals

On August 18, 2016, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced plans to expand its investigations of reported breaches of the Health Insurance Portability and...more

274 Results
View per page
Page: of 11
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.