Cloud Computing Data Security

News & Analysis as of

HR Data Security in the Spotlight

Cloud computing has the potential to provide on-demand efficiency, lower costs and flexibility for HR functions. However, it is important to manage a number of data privacy and security issues to protect sensitive HR data in...more

Expanding Cybersecurity Safeguarding Requirements, Reporting Obligations, and Cloud-Based Security: A Brief Guide to Understanding...

The United States Department of Defense promulgated an “interim” rule, effective August 26, 2015, which placed imposing and costly burdens on all DoD contractors and subcontractors (including small businesses and commercial...more

Three Trending Topics in IoT: Privacy, Security, and Fog Computing

Cisco has estimated that there will be 50 billion Internet of Things (IoT) devices connected to the Internet by the year 2020. IoT has been a buzzword over the past couple of years. However, the buzz surrounding IoT in the...more

New DoD Cybersecurity Rule and How Contractors Can Reduce Their Risks

The Department of Defense (DoD) issued an interim cybersecurity rule in August 2015 that, among other things, revises the existing Defense Federal Acquisition Regulation Supplement (DFARS) cybersecurity clause and increases...more

The Safe Harbor Ruling – FAQs and What Your Business Should Do Now

Overview questions - 1. I’m Safe Harbor certified and have seen news articles reporting that “Safe Harbor is invalid”. What does that mean? On 6 October, the European Court of Justice delivered a judgment which...more

California Enacts CalECPA, Requiring a Search Warrant to Obtain or Access Users’ Electronic Information

On Thursday, October 8, 2015, California Governor Jerry Brown signed into law the Electronic Communications Privacy Act (the “California ECPA”). This legislation, which takes effect on January 1, 2015, has been heralded by...more

Privacy, Security, Risk: What You Missed At IAPP Conference

Earlier this month, privacy and security professionals from around the globe gathered for “Privacy. Security. Risk. 2015”—the second joint conference between the International Association of Privacy Professionals and the...more

California Joins Other States with the Passage of CalECPA

Law enforcement requests for electronic information, particularly from technology companies such as Google and Twitter, have skyrocketed in recent years. In response, several states—Maine and Texas in 2013, Utah in 2014 and...more

No Safe Harbor for EU-U.S. Data Transfers

In a landmark decision with immediate repercussions for both American and European companies, Europe’s highest court, the Court of Justice of the European Union (CJEU), ruled that the EU-U.S. Safe Harbor framework enabling...more

New Delaware Act Requires Online Privacy Policy for Websites

A new privacy law requires companies to make specific statements about what information is collected on its website. Like California, it also requires that companies state in writing whether they respect “Do Not Track”...more

US–EU Safe Harbor – Struck Down!

1. CJEU finds Safe Harbor Invalid - In a landmark ruling delivered today, Europe's highest court, the Court of Justice of the European Union (CJEU) declared that the EU Commission's US - EU Safe Harbour regime is...more

FFIEC Weighs in on Cybersecurity in Light of Unprecedented Risk of Cyber Threats

As financial institutions of all sizes continue to face unprecedented cybersecurity risk, the Federal Financial Institutions Examination Council (FFIEC) released its Cybersecurity Assessment Tool. The Assessment is...more

EU Top Court Invalidates Safe Harbor; Data Transfer Concerns Arise for EU/US Employers; Learn More About this at Today’s Privacy...

The Court of Justice of the European Union (ECJ) has now declared Safe Harbor invalid – in total. The ECJ has sent the case back to the Irish Data Protection Authority to determine whether Facebook Ireland’s transfer of...more

Department of Defense Issues New Cybersecurity Rules for Defense Agencies That Use Contractors and Cloud Services to Hold...

The U.S. Department of Defense (DOD) recently published an interim rule amending the Defense Federal Acquisition Regulation Supplement (DFARS).1 The interim rule, effective August 26, 2015, focuses on two issues. First, the...more

Systema Software exposes information of 1.5 million on Amazon Web Service

Systema Software, which provides software solutions for claims management, is investigating a breach (although it was discovered, accessed and confirmed by an independent third party) involving information of 1.5 million...more

EU–US Safe Harbor About to be Struck Down?

Thousands of U.S. and European companies who rely on the EU–US Safe Harbor Framework to permit the transfer of personal data from the EU to the U.S., have come a step closer to seeing the transfer mechanism struck down....more

Advocate General Of ECJ Rules EU Data Protection Authorities Can Investigate Complaints About Safe Harbor Programme

Data transfers can be suspended until investigation is complete. In Maximillian Schrems v. Data Protection Commissioner (case C-362/14), the Advocate General ruled that EU data protection authorities do have powers to...more

Delaware Enacts Package of Internet Data Laws

Joining the collection of states with online privacy laws, Delaware has enacted a package of statutes governing the collection, storage and use of the personal information of Delaware residents by websites, Internet and cloud...more

TN Ethics Opinion Approves Lawyers’ Cloud Storage of Client Data

Tennessee has joined other states in formally approving lawyers’ cloud-storage of client-confidential data. The Board of Professional Responsibility (“BOPR”) held that lawyers ethically may use cloud storage for...more

That is SO last week - September 2015 #3

Last week, The New York Times reported that men “feel entitled to take time off for family” too. The subject of the article was Josh Levs, a former CNN reporter who wanted more time off when his third child was born...more

Cure of Security Rule Violations Following Breach of EPHI Cannot Save Covered Entities from $750,000 Settlement; Non-Breach...

More than three years after the Cancer Care Group, P.C. (“CCG”) notified the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) of a breach of unsecured electronic protected health...more

Don't Wait for It; Recent HIPAA Enforcement Action Signal More to Come in Phase 2 Audits

Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more

Proposed Amendments Provide Data Security Standard Under ITAR and EAR

The Commerce and State Departments have issued long-awaited proposed regulations that provide data security standards for use in the transmission and storage of ITAR-controlled and EAR-controlled electronic data. If enacted...more

Interim rule requires Department of Defense contractors to report cyber breaches

Companies doing business with the U.S. Department of Defense are facing new requirements for reporting data security breaches and for acquiring cloud computing services. The Interim Rule, effective August 26, 2015, amends the...more

Strange Bedfellows: Technology Issues in Real Estate Transactions, Part 2

This blog is the second part of a two-part series on key contracting issues with technology service providers, and the focus is specifically geared toward companies doing business in the real estate industry. As noted in Part...more

36 Results
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.