News & Analysis as of

Civil Monetary Penalty Data Protection

Polsinelli

SEC Penalties Relating to Cybersecurity Disclosures

Polsinelli on

On October 22, 2024, the Securities and Exchange Commission (“SEC”) charged four current or former publicly traded companies with disseminating materially misleading disclosures regarding cybersecurity risks and actual...more

Nelson Mullins Riley & Scarborough LLP

And T-Mobile Makes Three: More Information Security Guidance for Telecommunications Carriers from the FCC

Close on the heels of its Consent Decrees with TracFone and AT&T, on September 27, 2024, the Enforcement Bureau of the Federal Communications Commission (FCC) announced that it reached a Consent Decree with T-Mobile US, Inc....more

Hinch Newman LLP

FTC Drops the Hammer on Security Camera Firm Over Charges it Failed to Secure Videos and Personal Data, and that it Violated...

Hinch Newman LLP on

On August 30, 2024, the Federal Trade Commission announced that the Department of Justice filed a complaint upon notification and referral from the FTC against a surveillance camera company that allegedly failed to provide...more

Health Care Compliance Association (HCCA)

Privacy Briefs: May 2024

Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more

Keating Muething & Klekamp PLL

New York Bans Sale of Certain Supplements to Minors

On October 25, 2023, New York Governor Kathy Hochul signed into law a bill (the “Act”) banning the sale of over-the-counter weight loss and muscle building supplements to children under the age of 18. This Act is the first...more

Cozen O'Connor

California’s Delete Act Creates Universal Deletion Requirement Aimed at Data Brokers

Cozen O'Connor on

On October 10, Governor Gavin Newsom signed into law California’s most recent foray into the world of consumer data privacy: the Delete Act. Targeting so-called data brokers, the Act expands on regulations already in place...more

Manatt, Phelps & Phillips, LLP

Health IT Organizations Soon to Face Enforcement Under Final OIG Information Blocking Rule

After a COVID-19-related delay, on June 27, the Department of Health and Human Services (HHS) Office of Inspector General (OIG) released a long-awaited final rule that establishes monetary penalties for violations of health...more

Clark Hill PLC

GoodRx Pays $1.5 Million Settlement in the FTC’s First Enforcement Action Under the Health Breach Notification Rule

Clark Hill PLC on

For the first time since it became law on Aug. 25, 2009, the Federal Trade Commission (“FTC”) has taken enforcement action under 16 C.F.R. § 318, also known as the Health Breach Notification Rule, with a $1.5 million civil...more

Latham & Watkins LLP

Erfahrungsbericht: Latham & Watkins plädiert als erste Anwaltskanzlei zu DSGVO-Geldbußen vor dem Europäischen Gerichtshof

Latham & Watkins LLP on

Der Europäische Gerichtshof (EuGH) wird bald darüber entscheiden, ob europäische Datenschutzbehörden künftig leichter Bußgelder nach Art. 83 DSGVO gegen Unternehmen verhängen können. Diese Entscheidung kann großen Einfluss...more

Lerman Senter PLLC

California Privacy Law Nears Effective Date; Businesses Risk Million Dollar Penalties

Lerman Senter PLLC on

The Consumer Privacy Rights Act (CPRA), which amended the California Consumer Privacy Act (CCPA), becomes fully effective on January 1, 2023. Businesses should review the new law and recent enforcement actions before the law...more

Health Care Compliance Association (HCCA)

OCR: Current Fines Too Low to Spur Compliance; Agency Also Seeks Funding Boost, Injunctive Relief

Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more

BakerHostetler

No Time to Weight and Watch for Children’s Data Compliance

BakerHostetler on

The Federal Trade Commission (FTC) recently settled with Weight Watchers (WW) and its subsidiary Kurbo for alleged violations of the Children’s Online Privacy Protection Act  (COPPA). COPPA requires websites, apps and other...more

Bilzin Sumberg

Recent Settlements and Penalties Show Perils of Data Breaches

Bilzin Sumberg on

Two major U.S. financial institutions, Morgan Stanley and Capital One, recently agreed to resolve separate class action lawsuits by paying, in the aggregate, hundreds of millions of dollars in compensation for massive data...more

Alston & Bird

NYDFS Announces Cybersecurity Settlement, Addresses Multi-Factor Authentication Rules

Alston & Bird on

On April 14, 2021, the New York Department of Financial Services (“NYDFS”) announced a settlement with National Securities Corporation (“National Securities”), a licensed insurer, in connection with claims under the NYDFS...more

Robinson+Cole Data Privacy + Security Insider

NYDFS Settles with National Securities Corp. for $3M for Violations of DFS Cybersecurity Regulations

The New York Department of Financial Services (NYDFS) has settled alleged violations of the Department’s strict cybersecurity regulations with National Securities Corp. (NSC) for $3 million, over four separate cybersecurity...more

McGlinchey Stafford

The Impact Of The Virginia Consumer Data Protection Act

McGlinchey Stafford on

On March 2, 2021, the Commonwealth of Virginia enacted the Virginia Consumer Data Protection Act (VCDPA). The new law makes Virginia the second state in the United States to enact a comprehensive data privacy regime,...more

Williams Mullen

FAQs: Virginia Consumer Data Protection Act

Williams Mullen on

Virginia Governor Ralph Northam signed the Consumer Data Protection Act (the “Act”) on March 2, 2021. The following are answers to some frequently asked questions about the Act and its impact on organizations doing business...more

Husch Blackwell LLP

New York’s DFS Publishes A Cyber Insurance Risk Framework

Husch Blackwell LLP on

Keypoint: New York’s Division of Financial Services (DFS) now requires Property and Casualty Insurers writing cyber insurance to comply with the Division’s Cyber Insurance Risk Framework to manage their risk. In her...more

Hogan Lovells

Fifth Circuit Vacates $4.3M Penalty Against MD Anderson Related to Data Losses

Hogan Lovells on

There has been a significant development in the ongoing debate regarding the scope of the authority of the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) to issue penalties under the Health...more

Faegre Drinker Biddle & Reath LLP

ONC Publishes Game-Changing Information Blocking Rule: Introduction and Overview

In the midst of the COVID-19 pandemic, the Office of the National Coordinator for Health Information Technology (ONC) published the final Information Blocking Rule. This rule is widely seen as a game-changer that will have...more

Jackson Lewis P.C.

NYDFS Files First Enforcement Action Under Reg 500

Jackson Lewis P.C. on

On July 21, 2020, the New York Department of Financial Services (“DFS”) filed its first enforcement action under New York’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R. Part 500 (“Reg 500”). Reg...more

White & Case LLP

GDPR Guide to National Implementation: Bulgaria - A practical guide to national GDPR compliance requirements across the EEA

White & Case LLP on

Q1/ Applicable legislation (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? Old legislation has been updated. ———...more

Faegre Drinker Biddle & Reath LLP

$1.6 Million Civil Money Penalty for HIPAA Breach Impacting 6,617 Individuals

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services imposed a $1.6 million civil money penalty (CMP) against the Texas Health and Human Services Commission, Department of Aging and Disability...more

Polsinelli

Important Highlights from the NIST/OCR HIPAA Security Conference Last Week

Polsinelli on

Every year, the National Institute of Standards and Technology (NIST) and the Department of Health and Human Services, Office for Civil Rights (OCR) jointly sponsor a conference to “address the dynamic and challenging...more

Morgan Lewis

Russia Considers Monetary Penalties for Noncompliance with Data Protection, Internet Laws

Morgan Lewis on

A draft law proposed in Russia would introduce severe monetary fines for noncompliance with Russia’s data protection law, including the data localization requirement, and violations of various internet activity laws. ...more

58 Results
 / 
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide