Data Protection

News & Analysis as of

Target Becomes a Target: Proposed California Bill Aims to Make Retailers Liable for Data Breach Incidents

Following a string of high-profile data breaches and new data suggesting that approximately 21.3 million customer accounts have been exposed by data breach incidents over the past two years, the California legislature has...more

Part III: Has Congress Spoken and Does It Really Matter? The Wyndham Worldwide Case and the Expanding Power of the FTC to Police...

In the first and second parts of this series, we provided a summary of the District Court of New Jersey’s recent decision in FTC v. Wyndham Worldwide Corp. and then focused on whether the FTC has given “fair notice” to...more

Week in Review

Employers and their IT departments are always looking for ways to protect their data in this age of constantly changing technology. One new form of protection that may become available to employers is a "kill switch" on...more

Corporate acquisitions involving government contractors: DOD codifies significant security clearance-related risk

The US Department of Defense has published an Interim Final Rule assigning responsibilities and establishing requirements related to the National Industrial Security Program (NISP). See 79 Fed. Reg. 19467....more

SEC Says the Cyber Police Are Coming

Pretty soon we’ll all be data privacy lawyers. The SEC is certainly doing its part to ensure that comes to pass. Earlier this year the SEC’s Office of Compliance, Inspections, and Examinations announced that its 2014...more

BYOD: Where the Employee and the Enterprise Intersect

The proliferation of bring your own device programs – or “BYOD” as it is commonly referred – has drastically changed today’s corporate workplace environment. Employees are availing themselves of smart phones, tablets, and...more

Federal Court Refuses to Dismiss FTC Data Security Authority

On April 7, 2014, in a landmark decision with broad implications for American businesses, the U.S. District Court for the District of New Jersey upheld the U.S. Federal Trade Commission’s authority to regulate data security...more

Iowa Adds AG Data Breach Notice Requirement

On April 3, Iowa Governor Terry Branstad signed SF 2259, which amends the state’s data breach notice law to add a requirement that businesses that experience a data breach notify the state attorney general’s office within...more

FTC Still In Charge Of Privacy Enforcement: Ten Lessons From Wyndham

The Federal Trade Commission (FTC ) is the most active and aggressive federal government agency to investigate and enforce data privacy and security laws against businesses. Section 5 of the FTC Act empowers the agency to...more

Cyberliability Developments in the Offshore Jursidictions

The offshore jurisdictions are catching up fast with legal issues relating to cybercrime, cyberliability, and the use and discovery of electronic documents. In the wake of the embarrassing leak in April 2013 of about...more

Tax Developments Affecting Health Care Organizations (Presentation)

In this Issue: •Income recognition issues associated with bundled payment arrangements •Income recognition related to electronic health records •Developments involving the nonaccrual experience method of...more

U.S. and U.K. Sign Memorandum of Understanding for Collaboration on Data Privacy Enforcement

Citing the increasing frequency with which consumer information crosses international borders and the need for coordinated monitoring and enforcement strategies related to consumer privacy, the U.S. Federal Trade Commission...more

Heartbleed Won’t Bring Cardiac Arrest for Ediscovery

How do you stop a security professional’s heart from beating? Two words: security breach. In today’s “Internet of Everything” environment, the impact of a security breach can be felt around the world and back again…in...more

Cyber Insurance: A Last Line of Defense When Technology Fails

As cyber risks increase, specialized insurance policies can protect companies, but only if those policies are appropriately tailored and negotiated. Daily news headlines reveal the escalating, and costly, problem of...more

Kentucky Becomes The 47th State To Enact A Data Breach Notification Law

Kentucky is now the 47th state with a data breach notification law, a development that should be of interest not only to Kentucky-based entities, but also to entities that do business in Kentucky and have personal information...more

Heartbleed: What to do now

Hardly a day passes now without some new report of a security vulnerability with inevitable breaches that follow, but Monday’s news about the two-year old vulnerability in OpenSSL is (or should be) catching everyone’s...more

Finally…FDASIA Health IT Regulation Report Released

The U.S. Food and Drug Administration (FDA), along with HHS’ Office of the National Coordinator for Health Information Technology (ONC) and the Federal Communications Commission (FCC, together with FDA and ONC, the...more

The FDASIA Health IT Report

On April 7, 2014, the Food and Drug Administration (FDA) released a report entitled “FDASIA Health IT Report: Proposed Strategy and Recommendations for a Risk-Based Framework” (the “Report”). The Report was mandated by...more

Privacy Tuesday – April 14, 2014: Heartbleed Headaches

Last week was certainly the “week of the Heartbleed.” Unless you have been on vacation on a remote island (and if so, good for you!), you have heard and read much about the latest mass bug to infect the Internet....more

With OpenSSL Compromised by Heartbleed, an Opportunity for Companies to Diversify Cyber Security Efforts

The recent discovery of the “Heartbleed” online bug has sent shockwaves through the internet, causing companies and individuals alike to question very basic assumptions about cyber security. The bug has allegedly existed for...more

FTC Data Security Authority Confirmed, For Now: Wyndham’s Motion to Dismiss Denied

The FTC’s Claim - A New Jersey federal judge has confirmed the Federal Trade Commission’s (“FTC”) authority to regulate data security and bring claims against companies suffering data breaches due to inadequate...more

Will Heartbleed Affect Data Breach Insurance Coverage?

Although it is a widespread exploit that has been undetected for two years, whether or not a CGL policy covers data breaches allowed by Heartbleed should turn, simply, on whether the policy covers data breach at all...more

Kentucky Enacts Data Breach Notification Statute

On April 10, 2014, Kentucky Governor Steve Beshear signed H.B. 232 into law, making Kentucky the 47th state to enact data breach notification legislation. Prior to H.B. 232, Kentucky was one of only four states—including...more

Article 29 Working Party issues draft model clauses processor-to-subprocessors

Recently the Article 29 Working Party, an independent advisory body composed by the representatives the EU Member States’ data protection authorities, issued a working document on draft model clauses for the international...more

Part II: Fair Notice or No Notice? The Wyndham Worldwide Case and the Expanding Power of the FTC to Police Data Security

In our first blog in this series, we provided a summary of the District Court of New Jersey’s recent decision in FTC v. Wyndham Worldwide Corp., in which Judge Salas confirmed the FTC’s authority to bring enforcement actions...more

1,150 Results
|
View per page
Page: of 46