Data Protection

News & Analysis as of

Heartbleed: What to do now

Hardly a day passes now without some new report of a security vulnerability with inevitable breaches that follow, but Monday’s news about the two-year old vulnerability in OpenSSL is (or should be) catching everyone’s...more

Finally…FDASIA Health IT Regulation Report Released

The U.S. Food and Drug Administration (FDA), along with HHS’ Office of the National Coordinator for Health Information Technology (ONC) and the Federal Communications Commission (FCC, together with FDA and ONC, the...more

The FDASIA Health IT Report

On April 7, 2014, the Food and Drug Administration (FDA) released a report entitled “FDASIA Health IT Report: Proposed Strategy and Recommendations for a Risk-Based Framework” (the “Report”). The Report was mandated by...more

Privacy Tuesday – April 14, 2014: Heartbleed Headaches

Last week was certainly the “week of the Heartbleed.” Unless you have been on vacation on a remote island (and if so, good for you!), you have heard and read much about the latest mass bug to infect the Internet....more

With OpenSSL Compromised by Heartbleed, an Opportunity for Companies to Diversify Cyber Security Efforts

The recent discovery of the “Heartbleed” online bug has sent shockwaves through the internet, causing companies and individuals alike to question very basic assumptions about cyber security. The bug has allegedly existed for...more

FTC Data Security Authority Confirmed, For Now: Wyndham’s Motion to Dismiss Denied

The FTC’s Claim - A New Jersey federal judge has confirmed the Federal Trade Commission’s (“FTC”) authority to regulate data security and bring claims against companies suffering data breaches due to inadequate...more

Will Heartbleed Affect Data Breach Insurance Coverage?

Although it is a widespread exploit that has been undetected for two years, whether or not a CGL policy covers data breaches allowed by Heartbleed should turn, simply, on whether the policy covers data breach at all...more

Kentucky Enacts Data Breach Notification Statute

On April 10, 2014, Kentucky Governor Steve Beshear signed H.B. 232 into law, making Kentucky the 47th state to enact data breach notification legislation. Prior to H.B. 232, Kentucky was one of only four states—including...more

Article 29 Working Party issues draft model clauses processor-to-subprocessors

Recently the Article 29 Working Party, an independent advisory body composed by the representatives the EU Member States’ data protection authorities, issued a working document on draft model clauses for the international...more

Part II: Fair Notice or No Notice? The Wyndham Worldwide Case and the Expanding Power of the FTC to Police Data Security

In our first blog in this series, we provided a summary of the District Court of New Jersey’s recent decision in FTC v. Wyndham Worldwide Corp., in which Judge Salas confirmed the FTC’s authority to bring enforcement actions...more

Week in Review - April 14, 2014

With technological innovations appearing daily in the workplace, employers must continually evaluate how best to proactively prepare for and respond to these changes. As you do your planning, you might want to check out the...more

Aggressive Liability Theory Does Not Eliminate Obstacles To Banks’ Claims In Target Data Breach Class Action

The latest salvo in the Target data breach litigation is a class action brought by credit card issuing banks advancing a creative and somewhat misleading construction of the Minnesota’s Plastic Card Security Act. The banks...more

OCR Releases Information on What Phase 2 HIPAA Audits Will Look Like

The HHS Office for Civil Rights (OCR) recently presented information about the new look of its Phase 2 audit program. The new audits will look little like the old ones, with OCR conducting the audits itself and focusing on...more

DOJ & FTC Release Cybersecurity Threat Information Exchange Policy

The US DOJ Antitrust Division and the FTC yesterday released a joint policy statement on the sharing of information between private parties, including competitors, to counter cybersecurity threats. The agencies acknowledge...more

“Heartbleed” Bug – Antibiotics Won’t Help, Changing Passwords Might

After recovering from high-profile data breaches at Target and Neiman Marcus, signing up for free credit monitoring and analyzing our credit reports, a new Internet villain recently emerged: the “Heartbleed Bug.” The...more

Bitter C-Suite: Privacy, Security and Data Protection Issues Facing Corporations, Directors and Officers [Video]

With data breaches, cyberterrorism and governmental enforcement of the protection of privacy on the rise, corporations are facing an increased likelihood of claims, legal proceedings and costs. Without a proper understanding...more

Balancing the data privacy debate: The benefits of big (and little) data

Comments to the White House's recent request for comments on "big data" and how it affects Americans were due April 4, but even before all the comments have been reviewed, we can be pretty sure that, as usual, most business...more

European Data Protection Supervisor Issues Big Data Opinion

The European Data Protection Supervisor (EDPS) has issued a preliminary opinion that addresses some of the issues and convergences in EU data protection, consumer protection and competition laws that are not up to date with...more

Europe Under Review : Part 2 Of 8 – Data Collection

As the next in our series of “back to privacy basics”, we look the rules regarding collection and processing of personal data. As we will do throughout this series, we take a look at the current position and what is...more

An Overview of the 2014 Class Action Survey [Video]

To read the full 2014 Class Action Survey report, please visit ClassActionSurvey.com. Fifty-two percent of major companies are currently engaged in class action litigation. This percentage has remained fairly consistent...more

Heartbleed - A Picture Is Worth A Thousand Words

We mentioned in our prior post the potential legal issues that The Heartbleed Bug will create from the standpoint of data breach and safe harbor, especially given the prospect of compromised keys. A number of people, however,...more

Law À La Mode - Issue 13 - April 2014

In This Issue: - PRIVACY BY DESIGN? FASHION FLAIR TRANSFORMS WEARABLE TECHNOLOGIES: The rise of the wearables – and the data protection challenges they bring - EFFECTIVELY DELIVERING IT SERVICES IN THE RETAIL...more

Trade Secrets? Tips For Keeping Data Safe

The leak of National Security Agency (NSA) data by computer contractor Edward Snowden ignited a global discussion about secrets of all kinds. For business owners, the increased odds of high tech theft are good reason to...more

Federal Court Upholds FTC’s Authority To Bring Enforcement Actions Over Data-Security Standards; Will Class Actions Follow?

Already, 2014 has been an eventful year in the world of data breaches and cybersecurity. In addition to a flurry of litigation over high-profile breaches at the start of the year, the National Institute for Standards and...more

New HIPAA Tool Released by the Federal Government – Makes Assessing Risks Easier and It Won’t Cost You a Dime

Do you lie awake at night wondering if you or the health care entity for which you work is complying with the Health Insurance Portability and Accountability Act (“HIPAA”)? If so, you will be happy to hear that a good night’s...more

1,135 Results
|
View per page
Page: of 46