Data Breach Settlement

News & Analysis as of

Latest Data Breach Settlement Illustrates Need for Companies to Prioritize Cybersecurity

On Aug. 5, 2016, the New York attorney general, Eric Schneiderman, announced a $100,000 settlement with an e-retailer following an investigation of a data breach that resulted in the potential exposure of more than 25,000...more

HIPAA Security Rule Compliance for Providers & Business Associates in Three Easy Steps

On August 4, 2016, the Office for Civil Rights (“OCR”) of the U.S. Health & Human Services Department (“HHS”) announced a $5.55 million HIPAA settlement with Advocate Health Care Network (“Advocate”), the largest...more

New York A.G. Announces $100k Settlement Over Data Breach

On August 5, New York Attorney General Eric T. Schneiderman announced a settlement with Provision Supply, LLC d/b/a EZcontactsUSA.com, imposing $100,000 in penalties and ongoing obligations to maintain certain security...more

$2.75 Million OCR Settlement Underscores the Importance of Risk Management and Analysis

How the theft of a single password-protected laptop turned into an enterprise-wide review of an organization’s data protection practices. Following the announcement of a recent settlement between the U.S. Department of...more

It’s Not the Olympics, but OCR Sets New HIPAA Settlement Records

Athletes at the Rio Olympics aren’t the only ones setting records this year. Hoping to send a “strong message” about the importance of safeguarding electronic protected health information (PHI) and conducting mandated risk...more

Record-Breaking HIPAA Settlement Sends Strong Message to Covered Entities

This month marked the largest HIPAA settlement to-date for a single entity. Advocate Health Care Network (“Advocate”) agreed to pay $5.5 million and adopt a corrective action plan after an investigation by the Department of...more

Latest OCR HIPAA Settlement Provides Lessons for Covered Entities

Capping off a busy month of HIPAA settlements, on August 4, the Office for Civil Rights (“OCR”) announced a $5.55 million settlement with Advocate Health Care Network (“Advocate”), the largest fully-integrated healthcare...more

Cybersecurity and Data Privacy: Attorney General Reaches Six-Figure Settlement With Entity That Failed to Provide Required Data...

A recent settlement announced by the New York Attorney General’s Office has made clear that failing to provide the required notifications after experiencing a data breach can prove very costly. On August 5th, the Attorney...more

Blog: Advocate Data Breaches Result in Largest HIPAA Settlement To Date

On August 8th, 2016, the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) issued the largest Health Insurance Portability and Accountability Act (HIPAA) settlement to date with Advocate Health...more

Largest HIPAA Settlement Announced Against A Single Entity: $5.55 Million

On August, 4, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced that Advocate Health Care Network (Advocate) agreed to pay a settlement amount of $5.55 million and adopt a...more

Largest Health & Human Services HIPAA Settlement Wake-Up Call for Covered Entities to Evaluate and Mitigate Risks

On Thursday, August 4, 2016, the U.S. Department of Health & Human Services, Office of Civil Rights (OCR) announced the largest settlement ever with a single entity for multiple potential Health Insurance Portability and...more

2.7 Million Dollar HIPAA Settlement

Last week, Oregon Health & Science University (“OHSU”) agreed to pay $2.7 million to resolve potential violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Security Rule, Privacy Rule, and...more

OCR’s Recent $2.7 Million Settlement with Oregon Health & Science University Highlights the Importance of HIPAA Compliance...

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) and Oregon Health & Science University (OHSU) recently entered into a resolution agreement to settle potential violations of HIPAA’s Privacy and...more

Mille Lacs County in Minnesota settles for $1 million after former employee accesses driver and vehicle database for personal gain

Last week, Mille Lacs County and former investigator for the Mille Lacs County Family Services, Mikki Jo Peterick, agreed to pay $1 million to settle a proposed federal class action which alleged that a former employee of...more

Bad News for HIPAA Business Associates: HHS OCR Announces $650,000 Settlement for BA Breach

Catholic Health Care Services of the Archdiocese of Philadelphia (“CHCS”), a HIPAA business associate, has agreed to pay the Department of Health and Human Services Office of Civil Rights (“OCR”) $650,000 in connection with a...more

SEC Steps Up Cybersecurity Enforcement with $1 Million Fine Against Morgan Stanley

The Security and Exchange Commission’s (“SEC”) recent $1 million settlement with Morgan Stanley Smith Barney LLC (“MSSB”) marked a turning point in the agency’s focus on cybersecurity issues, an area that the agency has...more

Retail and Consumer Products Law Roundup - June 2016

President Signs Legislation Modernizing Federal Chemical Regulation Law - Overhaul of Toxic Substances Control Act (TSCA) has important business implications for consumer product manufacturers and retailers. ...more

Early Settlement of the Home Depot Consumer Data Breach Claims – The Start of a Trend?

Last week, a federal court in Atlanta issued an order preliminarily approving a proposed settlement – valued up to $19.5 million – of the consumer claims arising from the 2014 theft of payment card data from Home Depot. The...more

Wyndham Settles with FTC

Last month, Wyndham Worldwide Corp. settled its lengthy civil case with the Federal Trade Commission. The suit began in 2012, when the FTC sued Wyndham and three of its subsidiaries, alleging three data breaches between 2008...more

FTC and Wyndham Settle Suit Regarding Wyndham's Alleged Cybersecurity Failures

On December 9, 2015, the Federal Trade Commission (the "FTC") and Wyndham Worldwide Corporation (and three additional Wyndham entities, collectively, "Wyndham") filed a stipulated order ("Stipulated Order") settling their...more

Uber Enters Into Settlement Regarding May 2014 Data Breach, Halting New York Attorney General’s Investigation Into Uber’s...

On Wednesday, January 6, 2016, New York’s Attorney General announced a settlement with Uber Technologies, Inc. (“Uber”), which requires the company to institute a number of practices intended to increase the data privacy of...more

As if a 20-Year Consent Order Wasn’t Enough Fun: FTC Brings First Monetary Settlement in Information Security Case

The FTC reached a $250,000 settlement with a 20-year consent order with Henry Schein Practice Solutions, Inc. over its use of allegedly subpar encryption technology in its offering to dental practices. This settlement is...more

The FTC Strikes Back: LifeLock, Inc. Agrees to $100 Million Payout

On December 17, 2015, the Federal Trade Commission (FTC) announced a $100 million settlement with LifeLock, Inc., to resolve litigation with the FTC and a national class of consumers relating to LifeLock’s marketing...more

FTC and Wyndham Call a Truce

Following the Third Circuit’s ruling upholding the FTC’s authority to regulate unfair and deceptive cybersecurity practices under Section 5 of the FTC Act, Wyndham Worldwide Corporation and the FTC have agreed to settle. ...more

Target Settles Data Breach Class Action Suit With Banks For $39 Million

Target has agreed to a $39 million settlement in a class action suit with several U.S. banks stemming from Target’s massive 2013 data breach. That data breach affected customers who shopped at U.S. Target stores between...more

101 Results
|
View per page
Page: of 5
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×