Data Protection

News & Analysis as of

OCC Releases Revised Comptroller’s Handbook

On August 20, the OCC released an updated booklet providing guidance to examiners and bankers on assessing and managing the risks associated with merchant processing activities. ...more

Financial Regulatory Developments Focus - August 2014 #4

In this issue: - Derivatives - Bank Prudential Regulation & Regulatory Capital - Consumer Protection - People - Excerpt from Derivatives: Regulators Request FSB to Assist in...more

In Flight Catalog: Senator Rockefeller Opens Inquiry Into Consumer Data Practices by Airlines

Last week, Senator Jay Rockefeller (D-W.Va.) sent a letter to the top ten revenue generating passenger airlines in the United States, opening an inquiry into their practices related to charging additional fees for optional...more

Orrick's Financial Industry Week in Review

Financial Stability Board Publishes Responses to Consultation on Proposed Reforms of the Forex Market - On August 20, the Financial Stability Board (FSB) published responses to its consultation in respect of proposed...more

On whose dime? Court rules California employers must pay employee cell phone expenses

In a world where mobile devices outnumber both personal computers and humans, it’s not surprising that we use our mobile devices for both business and pleasure. In a published opinion sure to wreak havoc with workplace bring...more

Secret Service Raises Warning About Backoff POS Malware

The Secret Service, which investigates financial crimes, issued a security Alert on July 31, 2014, warning of malware named “Backoff” that was being used to steal payment card data from point-of-sale (POS) systems. The Alert...more

Risks of BYOD

Q: BYOD (Bring your own device) is standard for our employees. What, if any, are the risks for BYOD when compared to company-provided devices?...more

Wearable Devices in the Workplace Challenge Data Security and Privacy

Wearable devices, including health and activity monitors, video and audio recorders, location trackers, and other interconnected devices in the form of watches, wristbands, glasses, rings, bracelets, belts, gloves, earrings,...more

We Have Your Data. Pay Up or Else…

You wake on a Tuesday morning expecting to have an average day at work. You are skimming through the emails that came in while you were asleep, when you notice an email from one of your employees. He is not only giving his...more

Delaware Court Finds Password Protection for Electronic Documents Insufficient to Preserve Trade Secrets

Key questions in most trade secret cases are whether information was misappropriated and whether that information qualified as a trade secret in the first place. Under the Uniform Trade Secrets Act’s definition of a trade...more

Week in Review

Significant electronic data breaches made headlines again this week. Supervalu announced that millions of customer credit card numbers were stolen at various stores. ...more

Singapore's first data breach?

The Straits Times reported on 14 August that Singapore’s Personal Data Protection Commission (the “Commission”) is investigating a complaint from a user that Xiaomi has breached the Personal Data Protection Act 2012 (“PDPA”)....more

Russian Hackers Stockpile Over 1 Billion Internet Credentials: Industry Leaders Across All Sectors Likely Impacted

A Russian hacking group reportedly engaged in the largest known cyberattack by amassing over 1.2 billion unique sets of usernames and passwords and 500 million email addresses from more than 420,000 web and FTP sites. The...more

4.5 Million Patients’ Information Stolen by Hackers

Community Health Systems Inc. (“CHS”), a Tennessee-based hospital provider, has reported it was the target of data hackers who were able to obtain identification information belonging to approximately 4.5 million CHS...more

Reasonable Doubt: Data Privacy, Cybersecurity, and the FTC

Today’s cybersecurity environment demands that every business establish effective corporate data privacy and consumer information security systems and practices. But, unfortunately, no single cybersecurity law exits to...more

Community Health Systems' HIPAA Breach: Significant Lessons for Health Care and Non-Health Care Companies

On August 18, 2014, Community Health Systems, Inc. (CHS) publicly confirmed, in a filing with the Securities and Exchange Commission (CHS filing), that its computer network was attacked between April and June 2014 by hackers...more

Google, the House of Lords and the timing of the EU Data Protection Regulation

In the Google Spain “Right to be Forgotten” case, the ECJ held that Google must remove links to a newspaper article containing properly published information about a Spanish individual on the basis that the information is no...more

Director Liability for Cybersecurity Risks

If a corporation is the target of a cyberattack resulting in a data breach, its board may be the target of a shareholder derivative action claiming breach of fiduciary duty. A recent example is Palkon v. Holmes, No....more

Hospital Network Reports Large HIPAA Breach

Community Health Systems announced yesterday, August 18th, that hackers broke into its computers and stole data on 4.5 million patients. ...more

New Guidance for Merchants on Ensuring that Service Providers Share Security Responsibility

For merchants, long gone are the days of using a card reader with a dial-up connection to their payment processor. Today’s omni-channel retailers rely on multiple third party service providers to complete payment card...more

OIG Report Takes Issue With Oversight of Security Controls for Electronic Health Records

HHS Office of Inspector General (OIG) recently released a report concluding that the entity responsible for overseeing the testing and certification process for electronic health records (EHRs) did not fully ensure that...more

E-Discovery Matters: “A Guide to ESI Preservation Responsibilities”

I am pleased to announce the availability of our firm’s updated publication, A Guide to ESI Preservation Responsibilities. I believe this white paper serves as a useful resource to anyone dealing with the complicated issue of...more

Bring Your Own Device Doesn't Mean Bring in Security Breach

Bring-Your-Own-Device (“BYOD”) policies have been picking up steam because of increased productivity, improved communications, and the need for employees to work remotely. However, when implementing any BYOD policy there are...more

Consumer Privacy Legislation? All Sides Weigh In But Remain Far Apart in the Big Debate Over Big Data

Recent comments filed by various stakeholders in response to the U.S. Commerce Department’s National Telecommunications and Information Administration’s (NTIA) Request for Public Comment (RFC) on “Big Data and Consumer...more

Privacy and Data Security for Your Nonprofit?: Understanding Your Legal Obligations and Insuring against Risk

In this presentation: - The Cyber Threat Landscape - Top 4 Risks to Nonprofits - Risks Are Getting Riskier… – Part 1: Top 4 Industry Trends – Part 2: Top 4 Legal Developments - Ten Steps...more

1,506 Results
|
View per page
Page: of 61