Data Breach Data Security

News & Analysis as of

The Proof Is in the Password!

Consider this scenario: A young couple entrusts you, an experienced real estate attorney, to assist them in the purchase of their first home. Days before closing, your unsecured email account gets hacked and your client...more

Class Certification Improper in Data Breach Case, PA Appellate Court Finds

The Pennsylvania Superior Court has affirmed a trial court's decision denying class certification in a data breach case against two health plans, reversing its own earlier ruling in the same case that the plaintiff did not...more

Panama Papers Scandal Puts Third Party Risk in Focus

The Panama Papers scandal should serve as a wake-up call for every organization—and it should prompt compliance officers to closely scrutinize the third party vendors they do business with. ...more

When “Shhh” turns to “Oh $%*#!” – No Pseudonyms for Ashley Madison Plaintiffs

Nothing good has come from the Ashley Madison hacking incident, except hopefully some well-deserved apologies to loved ones. Now the E.D. Mo. Court hearing the In Re Ashley Madison Customer Security Breach Litigation, MDL No....more

FCC Proposes Indiscriminate PII Definition in Privacy NPRM

In addition to a bothersome “breach” definition, the Federal Communications Commission (“FCC”), in its April 1, 2016 Notice of Proposed Rulemaking (“NPRM”) concerning ISP privacy regulation, proposes a sweeping definition of...more

Hello Insurers – Court says CGL may Cover Privacy Breaches Occurring Prior to 2014

In April 2013, Glens Falls Hospital admitted that the medical records for more than 2,300 of its patients were stored for several months on an unprotected computer server. The hospital’s outside records contractor, Portal...more

Credit Card Theft Plaintiffs Discover Warm Home After 7th Circuit Rulings

One of the great scourges for retail companies in the digital age has been the ever-present threat of massive data breaches by hackers attempting to steal millions of consumers ’debit and credit card information. In...more

Fourth Circuit Upholds Coverage Under CGL Policy for Data Breach Claims

The United States Court of Appeals for the Fourth Circuit (“Fourth Circuit”) recently concluded that an insurer had a duty to defend a health care company that was sued by individuals whose personal health information was...more

Department of Health and Human Services Cracks Down on Vendor Oversight in Recent Hospital Settlements

From the rise in ransomware attacks to inadvertent disclosure of information by subcontractors, the health services industry is reminded that a potential consequence of a data breach is the threat of a regulatory enforcement...more

Analysis of the FCC’s Proposed Broadband Privacy Regulations

As we highlighted in a post last month, the FCC has proposed sweeping new privacy rules on broadband providers. Since our last post, the FCC has released its proposal in the form of a Notice of Proposed Rulemaking. ...more

Judge Flunks Case Against LabMD, FTC Appeals

In March 2015, I wrote about the ongoing dispute between the FTC and LabMD, an Atlanta-based cancer screening laboratory, and looked at whether the FTC has the authority to take enforcement action over data-security practices...more

Ransomware Cuts Deep, in Life & in Coverage

1. Beyond Breaches - With ransomware, cybersecurity in healthcare has gone far beyond HIPAA compliance, breaches of PHI or identity theft. For the unprepared healthcare provider not able to prevent ransomware or...more

Nebraska Amends Data Breach Notification Law

Last week, Nebraska Governor Pete Ricketts signed into law LB 835, which makes the following amendments to the state’s data breach notification statute: - Adds to the definition of “personal information” a user name or...more

Tennessee Amends Its Data Breach Notification Laws

Removes the Encryption Safe Harbor, Limits the Timing of Notice, and Expands “Unauthorized Persons” - Effective July 1, 2016, Tennessee becomes the first state to remove the encryption safe harbor from its data breach...more

Data Security: You Must Know Where the Data Is Located Before You Can Secure It

It is commonplace to turn on the television news and hear of a new data breach from a large retailer or someone else. No one wants the legal problems (not to mention the embarrassment and the hit to reputation) from having...more

You’ve Been Notified: Alabama May Join Other States in Enacting Data Breach Notice Law

Forty-seven states and the District of Columbia have laws requiring notice of a data breach to potentially affected individuals. Alabama may soon join the crowd. Bills creating the Alabama Information Protection Act of...more

Fourth Circuit Finds That Traditional CGL Policies May Continue to Provide Coverage for Cyberliability Claims

A federal U.S. Court of Appeals has confirmed that comprehensive general liability (CGL) and other traditional policies may yet be a source of liability insurance coverage for cyberliabilities. Although a dedicated...more

Cybersecurity Claim Under CGL Policy Prevails Against Strong Insurance Industry Pushback, As Fourth Circuit Upholds Policyholder’s...

On April 11, 2016, the United States Court of Appeals for the Fourth Circuit made headlines by holding that a commercial general liability (“CGL”) policy covers the defense of a data breach-related class action lawsuit. In...more

Hanging Around: Fourth Circuit Confirms the Coverage for Data Breach Can Still Be Found in Traditional Liability Policies

With today’s increased focus on data breaches and related cyber liability exposure, the insurance market continues to develop policies tailored to this unique risk. Insurers are also excluding cyber risks in many traditional...more

Fourth Circuit Expands Cyber Coverage under Commercial General Liability Policies

The United States Court of Appeals for the Fourth Circuit recently affirmed a decision by the United States District Court for the Eastern District of Virginia, Alexandria Division (District Court), finding that Travelers...more

Two Years to Get Ready – GDPR Adopted

After 4 years of negotiation, today the European Parliament adopted the General Data Protection Regulation (“GDPR“). In doing so, it signaled the end of the EU approval process and put businesses on alert that they now have...more

Privacy Tip #30 – Protect yourself and your co-workers: please don’t sell your company credentials

I am on a lot of privacy and security list-serves and keep up with surveys relating to data privacy and security. I was most distressed this week to download SailPoint’s 2016 Market Pulse Survey. Not that it isn’t well...more

44,000 FDIC customers’ data “inadvertently” taken by former employee

In a memo outlining a security incident as required by the Federal Information Security Modernization Act of 2014, the FDIC has admitted that the data of 44,000 FDIC customers was “inadvertently” taken by an employee as the...more

Court Upholds Coverage Under General Liability Policy for Claim Alleging Failure to Protect Data

In an encouraging development for insureds, the United States Court of Appeals for the Fourth Circuit held that a health care company’s general liability insurer was required to defend the company against claims stemming from...more

Insurance Company Must Defend Against Data Breach Class Action, 4th Cir. Says

On Monday, the Fourth Circuit held that Travelers must defend Portal Healthcare in a class action claim arising out of an alleged medical records data breach. The class action, filed in New York state court in April...more

346 Results
|
View per page
Page: of 14
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×