Data Collection Data Breach

News & Analysis as of

Retailers: Beware of Pitfalls in Your Card Payment Function

What card payment rules must a retailer operating in the United States follow? MS: When a merchant uses, transmits, stores or outsources the credit card function, it is subject to a number of rules in the U.S.,...more

California Amends Breach Notification Law: Unique New Refinements and Requirements

The California legislature has again amended the state’s breach notification statutes to impose new and unique requirements and refinements, adding further complexity to the patchwork of breach notification requirements....more

NAIC Cybersecurity Task Force Adopts Cybersecurity Bill of Rights

On October 14, 2015, the National Association of Insurance Commissioners’ (NAIC) Cybersecurity Task Force adopted the Cybersecurity Bill of Rights, a document meant to inform consumers of the services they can expect from...more

Three Trending Topics in IoT: Privacy, Security, and Fog Computing

Cisco has estimated that there will be 50 billion Internet of Things (IoT) devices connected to the Internet by the year 2020. IoT has been a buzzword over the past couple of years. However, the buzz surrounding IoT in the...more

Could a Vendor’s Lax Info Security Ruin Your Holiday Sales? Seven Preventative Steps for Retailers

Many of the largest retailer data security breaches have been caused or enabled by the acts or omissions of retailers’ vendors, such as the widely publicized incident at Target Corporation. Several such breaches occurred...more

PRIVACY POLICIES AND THE SALE OF CORPORATE ASSETS: It pays to plan ahead to preserve the value of your data assets

Personal data is a valuable corporate asset. At times, the personal information collected from customers (such as email address, mailing address, phone number, etc.) can be a company’s most valuable asset. Unfortunately,...more

“My, what beautiful eyes you have . . .” – Biometric Data and Privacy

Biometric data – obviously not in just the movies anymore. It is alive, well, and increasingly being used in our everyday society. But, on September 23, 2015, when the Office of Personnel Management revealed that fingerprint...more

States Continue To Grapple With Data Breach Notification Issues

Connecticut’s data breach notification law currently requires notification “without unreasonable delay.” Effective October 1, 2015, Connecticut will (a) require notice of any breach of security not only “without unreasonable...more

FTC Gives Words of Warning to the Wise

The Federal Trade Commission has issued new guidance on data security to help businesses that collect, store and use consumer information to stay out of hot water with the agency. Gleaned from the more than 50...more

What is reasonable? The emerging legalities of cybersecurity post-Wyndham

This month’s edition of the Advanced Cyber Security Center’s newletter includes my discussion of lessons to be learned from the Wyndham decision: Historically, security was an issue reserved in a back room for the IT...more

Strange Bedfellows: Technology Issues in Real Estate Transactions, Part 2

This blog is the second part of a two-part series on key contracting issues with technology service providers, and the focus is specifically geared toward companies doing business in the real estate industry. As noted in Part...more

Russia’s new data law

Russia’s new Data Localisation Law went live yesterday on 1 September. Many companies with operations in Russia are scratching their heads about how to comply. The Basics - The new law applies to businesses with a...more

Privacy & Cybersecurity Update - August 2015

Third Circuit Affirms FTC’s Authority Over Cybersecurity: In the Wyndham case, the Third Circuit affirmed that the FTC has the authority to regulate cybersecurity under Section 5 of the FTC Act, and that the language of...more

Six Ways for Data-Driven Medical Device Companies to Implement Effective Privacy and Security Measures

The increasing amounts of health information being generated, stored and collected have heightened the special risks medical device manufacturers have long faced. In addition to the nexus to patient health and safety, if a...more

The ABCs of COPPA Compliance

In today’s environment – when data breaches seem to be in the news nearly every day – the media, regulators and many others are hyper-focused on privacy issues. Schools and educational institutions are no exception when it...more

Cybersecurity is once again a hot topic as Illinois undergoes PIPA update

Cybersecurity is a hot topic at both the state and federal level. Specifically, Illinois is in the process of amending its Personal Information Protection Act (“PIPA”). Illinois SB 1833 will amend PIPA by establishing more...more

FTC Provides Data Security Guidance to Businesses Based on Lessons From Past Enforcement Actions

On June 30th, the Federal Trade Commission (FTC) published a guide titled Start With Security: A Guide for Business, providing 10 lessons learned from the over 50 enforcement actions brought by the FTC against companies that...more

25 year old sentenced to 13 years for hacking data broker databases

The Department of Justice has announced that 25 year old Hieu Minh Ngo has been sentenced to 13 years in prison. His sentence was lighter than expected because he has cooperated with authorities to catch more identity...more

FTC Releases Data Security Guide for Businesses

The Federal Trade Commission (FTC) has released a guide for businesses with practical tips and advice to help organizations better secure their data. The guide, Start With Security, draws on more than 50 data security...more

Use of File-Sharing Service Leads To $218,400 Fine For HIPAA Violations

Internet-based file-sharing services such as Dropbox and Google Drive can be easy and convenient to use, whether via the touch of an app on a mobile device or by opening a browser on a PC. Healthcare professionals are often...more

Alert: FTC Releases New Data Security Guide: 50 Mistakes to Avoid in 10 Lessons

The Federal Trade Commission (FTC) has brought over 50 cases against companies that put consumer data at unreasonable risk. On June 30, 2015, the FTC released a guide titled Start with Security that summarizes 10 lessons the...more

Privacy & Cybersecurity Update - May 2015

In This Issue: - Second Circuit Rules Patriot Act Does Not Authorize Bulk Metadata Collection; Congress Reconsiders Certain Patriot Act Authorities - SEC Issues Cybersecurity Guidance for Investment Companies...more

Nevada Expands PI Definition under Data Breach Law

Becomes the fifth state to amend its data breach statute since January 2015 The definition of “personal information” (“PI”) just got a little bit bigger in the Silver State. On May 13, Nevada Governor Brian Sandoval signed...more

Hackers seek to access intellectual property assets of higher educational institutions

College and universities, like many other businesses and organizations, defend against millions of cyberattacks each day. Most recently, Penn State’s College of Engineering discovered a multi-year long cyberattack seeking...more

Employee Benefits Developments - April 2015

Health Insurance Company’s HIPAA Breach Affects Millions. At the end of January, a national BlueCross BlueShield affiliate, Anthem, Inc., discovered that its information technology systems were hacked. The information...more

53 Results
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.