Data Breach

News & Analysis as of

Unauthorized Transfers Present Growing Risks for Commercial Accounts

Could your institution be at risk of liability for unauthorized wire transfers and Automated Clearing House (“ACH”) credit transfers? Data security breaches continue to garner headlines, and criminals continue to engage in...more

[Webinar] Mobile Device Management for Health Care Organizations and Vendors - Sept. 10th, 10:00am PDT

In this webinar, we will demystify the HIPAA Security Rule and how to apply the administrative, physical, and technical safeguards in a mobile environment. We will discuss key takeaways from the recently released NIST Draft...more

Physician Group to Pay $750,000 to Settle a HIPAA Violation

In August 2012, a Physician Group—comprising of nearly 20 physicians—reported its HIPAA breach to HHS, which resulted from a laptop bag containing the employee’s laptop and a computer server backup being stolen from an...more

Cybersecurity for Medical Devices: A Risk Mitigation Checklist for In-House Counsel

Just this summer, a cybersecurity firm issued a report widely cited in the media detailing cases where unnamed hospitals were allegedly hit by data breaches after medical devices (identified only generically as a blood gas...more

Maryland AG settles with Visionworks over security practices

Using the Maryland Consumer Protection Act, Maryland Attorney General Brian Frosh has announced that eye care retailer Visionworks, Inc. has agreed to pay the state of Maryland $100,000 and enhance its security measures...more

IRS Sued For Failing To Protect Online Taxpayer Data From Hackers

On August 20, 2015, affected taxpayers filed a class action lawsuit in the United States District Court for the District of Columbia against the Internal Revenue Service (the “IRS”) for failing to secure the personal...more

New survey shows continued lack of executive confidence in cybersecurity and increases in data loss

A new survey released by Raytheon and websense, called “Study-Why Executives Lack Security Posture Confidence While Knowing that the Metrics They Use to Gauge it are Ineffective” “reveals that confidence in [executives’]...more

FTC claims authority over cyber security

On August 24, 2015, the United States Court of Appeals for the Third Circuit issued its Memorandum Decision in FTC v. Wyndham Worldwide Corporation, giving the FTC full authority, at least in the Third Circuit, to review and...more

Throwback Thursday: Why Trade Secret Theft Isn’t Just a Digital Problem And What Businesses Can Do About It

With stories of cyberattacks and data breaches on a seemingly endless loop, businesses and governments have been doubling down on their efforts to protect digital information and assets.  But, in some industries, the greatest...more

Legal Precedent May Come From Ashley Madison Breach

The Ashley Madison saga has captured the attention of the public and legal profession like few prior data security breaches. The reasons are obvious: A website devoted to promoting infidelity is called out for “fraud, deceit,...more

$750,000 Settlement Agreement Reiterates Importance of HIPAA Security Rule Compliance

On September 2, 2015, the U.S. Department of Health and Human Services ("HHS") announced that it had entered into a Settlement Agreement with an Indiana-based medical practice for alleged violations of the Health Insurance...more

Federal Reserve Bank of Cleveland Reports on Online Small Business Lending Focus Groups

The Federal Reserve Bank of Cleveland recently issued a special report on the results of online focus groups it conducted with the Federal Reserve Board “to better understand small businesses’ perceptions of online...more

Physician Group Practice Pays $750,000 for Breach of Unsecured Electronic Protected Health Information on Electronic Device

Cancer Care Group, P.C. (“CCG”), a radiation oncology physician group practice in Indiana, agreed to pay $750,000 for a breach of unsecured electronic protected health information (“ePHI”). CCG will also implement a...more

Cybersecurity as a Regulatory Issue: The NAIC Considers The Anthem Breach And Weighs a “Cybersecurity Bill of Rights”

The Cybersecurity Task Force of the National Association of Insurance Commissioners (the “NAIC”) met last month, as part of on the NAIC’s 2015 Summer National Meeting in Chicago. The Task Force focused on two issues: the...more

Russia’s new data law

Russia’s new Data Localisation Law went live yesterday on 1 September. Many companies with operations in Russia are scratching their heads about how to comply. The Basics - The new law applies to businesses with a...more

Back to Basics: Low tech tips to alleviate high tech headaches

It’s easy to get lost in the abyss of technical jargon when discussing Electronically Stored Information (ESI). However, good information governance, which is one of the cornerstones of data privacy and security, doesn’t have...more

9 Key Provisions of Outsourcing Contracts That Matter

Outsourcing, whether technical or process-centric, has become an increasingly important component of businesses of all sizes. Handing over the complexity of ever-changing systems that require increasing expertise can often...more

Third Circuit Affirms District Court’s Decision Asserting FTC’s Authority over Companies’ Data Security Practices

On August 24, the U.S. Court of Appeals for the Third Circuit affirmed the Federal Trade Commission’s authority to hold companies accountable for their data security practices under Section 5 of the FTC Act (15 U.S.C. §...more

Third Circuit Holds FTC Has Authority to Regulate Cybersecurity under Unfairness Prong of 15 U.S.C. § 45(a)

The Third Circuit recently issued its highly anticipated ruling in the Federal Trade Commission v. Wyndham Worldwide Corp., Case. No. 14-3514, holding that the FTC has authority to regulate the cybersecurity practices of...more

Illinois Governor Vetoes Data Breach Bill

On August 21, 2015, Illinois Governor Bruce Rauner vetoed legislation that would have modified the state’s data breach notification law. Illinois’ Personal Information Protection Act (the “Act”) was enacted in 2005 to...more

A Classy Affair: Class Action Lawyers Race to Courthouse in Wake of Ashley Madison Data Breach

Illicit affairs have always imposed risks – from marital discord and divorce to boiling bunnies and Maury appearances. However, when old-school adultery met new-school technology on the Ashley Madison infidelity website,...more

Ashley Madison - That Electronic Communications Policy Was a Good Idea After All

When does an employee’s extramarital activity become his or her employer’s concern?  Before the Ashley Madison breach, the answer might as well have been “[almost] never.”  Since the Ashley Madison breach has a...more

St. Elizabeth’s Medical Center Pays $218,400 to Settle Alleged HIPAA Security Case Stemming from Use of Cloud-Based Document...

Alleged HIPAA Violations Resulted from Medical Center’s Failure to Risk Assess Internet-Based Document Sharing Application and Inadequate Breach Response. The US Department of Health and Human Services (HHS) Office for...more

Privacy & Cybersecurity Update - August 2015

Third Circuit Affirms FTC’s Authority Over Cybersecurity: In the Wyndham case, the Third Circuit affirmed that the FTC has the authority to regulate cybersecurity under Section 5 of the FTC Act, and that the language of...more

Is Ashley Madison abusing the Digital Millennium Copyright Act in the Wake of Hack?

In July, a group of hackers identifying themselves as the Impact Team took over the computer systems of Avid Life Media (“ALM”), the parent company of the adultery-oriented website Ashley Madison, threatening to release the...more

1,546 Results
|
View per page
Page: of 62

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×