Data Protection

News & Analysis as of

Google, the House of Lords and the timing of the EU Data Protection Regulation

In the Google Spain “Right to be Forgotten” case, the ECJ held that Google must remove links to a newspaper article containing properly published information about a Spanish individual on the basis that the information is no...more

Director Liability for Cybersecurity Risks

If a corporation is the target of a cyberattack resulting in a data breach, its board may be the target of a shareholder derivative action claiming breach of fiduciary duty. A recent example is Palkon v. Holmes, No....more

Hospital Network Reports Large HIPAA Breach

Community Health Systems announced yesterday, August 18th, that hackers broke into its computers and stole data on 4.5 million patients. ...more

New Guidance for Merchants on Ensuring that Service Providers Share Security Responsibility

For merchants, long gone are the days of using a card reader with a dial-up connection to their payment processor. Today’s omni-channel retailers rely on multiple third party service providers to complete payment card...more

OIG Report Takes Issue With Oversight of Security Controls for Electronic Health Records

HHS Office of Inspector General (OIG) recently released a report concluding that the entity responsible for overseeing the testing and certification process for electronic health records (EHRs) did not fully ensure that...more

E-Discovery Matters: “A Guide to ESI Preservation Responsibilities”

I am pleased to announce the availability of our firm’s updated publication, A Guide to ESI Preservation Responsibilities. I believe this white paper serves as a useful resource to anyone dealing with the complicated issue of...more

Bring Your Own Device Doesn't Mean Bring in Security Breach

Bring-Your-Own-Device (“BYOD”) policies have been picking up steam because of increased productivity, improved communications, and the need for employees to work remotely. However, when implementing any BYOD policy there are...more

Consumer Privacy Legislation? All Sides Weigh In But Remain Far Apart in the Big Debate Over Big Data

Recent comments filed by various stakeholders in response to the U.S. Commerce Department’s National Telecommunications and Information Administration’s (NTIA) Request for Public Comment (RFC) on “Big Data and Consumer...more

Privacy and Data Security for Your Nonprofit?: Understanding Your Legal Obligations and Insuring against Risk

In this presentation: - The Cyber Threat Landscape - Top 4 Risks to Nonprofits - Risks Are Getting Riskier… – Part 1: Top 4 Industry Trends – Part 2: Top 4 Legal Developments - Ten Steps...more

Why Cyber Security? [Video]

• Electronic data and credit card information can be compromised due to malware, phishing, spear phishing, data loss and data theft • The risk of cyber liability is real for ALL enterprises whether large or...more

PCI Council Issues Biz Tips to Reduce 3rd Party Security Risk

On August 7, 2014 the PCI Security Standards Council issued new guidance to supplement PCI DSS Requirement 3.0 and help organizations reduce the risks associated with entrusting third-party service providers (“TPSPs”) with...more

Life Sciences Spotlight - Issue 4, 2014

Since our last edition, there has been a number of developments in the Life Sciences sector across the Asia Pacific region and we are pleased to be able to update you on these recent trends. It is evident that the...more

Data Breach Notification, Helpful or Harmful?

Some IT professionals are debating whether they would issue a data breach notification in the event of a hack. Their rationale is that such a notification makes them a target for other hackers and that most of the incidents...more

The Inevitable Cyber Break In: Are You Protected?

The prevalence of cyber data breach over the years has not only grown in number, but has also grown in size. Perhaps the most well-known example of a large-scale data breach is that suffered by Target Corp. occurring at the...more

Russian Crime Ring Possesses Mass Quantities of Stolen Online Information

With recent reports that a Russian crime ring may have stolen the largest collection of online data — including 1.2 billion username and password combinations—effective data security is more critical than ever for all...more

Data Breach Litigation – A New Wave of Class Actions by Financial Institutions

Rarely does a day go by without news of a data security breach. According to the Identify Theft Resource Center, there have been a total of 447 data breaches to date this year, which represents a 20.5% increase over the same...more

Massachusetts Enforces Data Security Regulations Against Out-of-State Entity

On July 23, 2014, the Massachusetts Attorney General announced a consent judgment with an out-of-state Rhode Island hospital, Women & Infants Hospital of Rhode Island (“WIH” or the “Hospital”), resolving a lawsuit against WIH...more

What Companies Can Do to Protect Themselves in the Face of Yet Another Massive Data Breach

Last week it was reported that a small group of Russian computer hackers illegally obtained an unprecedented quantity of internet credentials, including 1.2 billion username and password combinations, and over 500 million...more

Cyber Risks For The Boardroom

The Recent Increase In Focus on Privacy Issues - Privacy issues have been the focus of many state efforts over the past few years. However, the SEC has increased their focus tremendously over the past few months (see...more

Massive Hacking Operation Further Reveals Weakness of Passwords

A small private cybersecurity firm recently revealed that a Russian computer hacking organization amassed more than 1.2 billion username and password combinations. The data was collected across a wide swath of websites, from...more

Payment Cards Security Standards Organization Publishes Third-Party Security Assurance Guidance

On August 7, the PCI Security Standards Council (PCI SSC), the open global forum responsible for setting payment security standards, published an information supplement titled “Third-Party Security Assurance Guidance,” which...more

PCI Security Standards Counsel: Recently Published Recommendations

The PCI Security Standards Council has recently published recommendations for ensuring that payment data and systems entrusted to third parties are maintained in a secure and compliant manner, in accordance with PCI-DSS...more

Privacy and Information Security Alert: Federal Trade Commission Recommendations for Companies Providing Mobile Shopping...

On August 1, 2014, the Federal Trade Commission (FTC) released a report entitled What’s the Deal? An FTC Study on Mobile Shopping Apps (the FTC Report). The FTC Report is based on a study the FTC conducted (the FTC Study) to...more

4 Cases Where Security Awareness Training Could Have Saved The Day

I’m very excited about our upcoming webinar, “Cybersecurity 2014: The Impact on Global Companies,” with Lisa Sotto. She is a well known data privacy rockstar and will provide an overview of cybersecurity in 2014, the current...more

UPDATE: Germany to Tighten Data Protection Laws: Consumer Protection Associations and Trade Associations shall be Granted Right to...

As contemplated in the Newsflash in March 2014, the German Federal Ministry of Justice in June 2014 finally presented the new draft bill that allows consumer protection associations as well as trade associations to take...more

1,490 Results
|
View per page
Page: of 60