Data Protection

News & Analysis as of

Do As We Say, Not As We Do: Audit Reveals Unencrypted IRS Emails Put Taxpayer Data at Risk

With tax season around the corner, the Internal Revenue Service (IRS) has begun its yearly campaign to educate taxpayers on the importance of protecting their personal information. However, a recent audit of the agency’s...more

“Sorry, Santa, the Kids’ Data Is Stuck In Russia!” ~ Plus LinkedIn Not Feeling the Love from Russia

LinkedIn has become the first major company to have access to its website in Russia blocked by the Russian Data Protection Authority, Roskomnadzor, following earlier Moscow Court decisions on 4 August and 10...more

NY Financial Services Companies’ 2017 Resolution: Cybersecurity

The New York State Department of Financial Services (DFS) made headlines back in late September with a “first-in-the-nation” piece of legislation aimed at mandating specific cybersecurity protocols for banks, insurance...more

Data Security for Employers: An Update

Employers store, manage, and share sensitive data about employees. The Navigator and other commentators have written a lot about issues related to personally identifiable information, health-related data, and employee...more

New FTC Data Breach Response Guidelines

Cybersecurity should always be at the top of any retailer’s priority list—and even more so as the holiday shopping season gets underway. To that end, the Federal Trade Commission’s newly-released Data Breach Response...more

Lessons from Adobe’s State AG Data Breach Settlement

Last month, several state Attorneys General announced a $1M settlement with Adobe Systems, Inc. in connection with a 2013 data incident involving the personal information of roughly 534,000 consumers. The 15 Attorneys General...more

There’s No Flying Under the Radar: Why Small Businesses Should Get Smart About Information Security

The latest publication by the National Institute of Standards and Technology (NIST), entitled “Small Business Information Security: The Fundamentals,” aims to promote and assist small businesses in their efforts to manage...more

FTC Publishes Data Breach Response Guidelines

Whether resulting from a planned cyberattack or mere carelessness, data breaches are on the rise. In 2015, 781 data breaches were reported across the United States, with the average breach costing $3.8 million. In 2016, the...more

DFARS and DIB: Compliance Steps for DoD’s Newly Finalized Cybersecurity Rules for Contractors

For businesses that work with the U.S. Department of Defense (“DoD”), two important rules for safeguarding certain categories of sensitive information and reporting cyber incidents were recently finalized, updating the...more

OCR Issues Alert Regarding Phishing Email Disguised as Official OCR Audit Communication

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published an alert on Nov. 28 describing a phishing email being circulated on mock HHS departmental letterhead under the signature of OCR...more

Center for Cyber & Homeland Security Issues Report on How the Private Sector Can Actively Defend Against Cyber Threats

Earlier this year, the Center for Cyber & Homeland Security at the George Washington University (“Center”) announced a new project on active defense against cyber threats. The Center established a high-level task force to...more

HHS OCR Alert: Phishing Email Disguised as Official OCR Audit Communication

This alert just in from HHS OCR: “It has come to our attention that a phishing email is being circulated on mock HHS Departmental letterhead under the signature of OCR’s Director, Jocelyn Samuels. This email appears to...more

OCR Warns of Phishing Campaign Disguised as Official OCR Communication

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published an alert on Monday describing a phishing campaign disguised as an email from OCR. The email is being circulated on mock HHS...more

NIST Issues Internet of Things (IoT) Guidance

Smart machines connected to the internet have become ubiquitous in our daily lives. They make up the Internet of Things (“IoT”), a vast web of interconnected iPhones and Fitbits, tablets and cameras, even baby monitors and...more

FINRA Fines Lincoln Financial Group $650,000

A Lincoln Financial Group subsidiary has agreed to accept a $650,000 fine levied against it by the Financial Industry Regulatory Authority (FINRA) and to implement more robust security controls for a 2012 hacking that...more

Alert: Congressional Hearings and NIST Publication Continue Focus on IoT Security

Two actions in the past few weeks reflect the continuing government involvement in and concern over the security of Internet of Things (IoT) devices. Attacks using connected devices have highlighted security vulnerabilities...more

Michigan AG Steps In to Defend State Privacy Law

The Michigan attorney general intervened November 22 in a suit brought under a Michigan privacy law, making it one of the first times a state attorney general has weighed in on a case involving data use. Michigan AG Bill...more

Privacy Tip #62 – PoisonTap Can Compromise Computer with USB Stick

Security researcher Samy Kamkar has announced that a new hacking tool—PoisonTap—can be loaded onto a USB stick and used to hijack the Internet connection of one’s computer....more

Brexit: Impact on data protection

Following the UK's vote to leave the European Union, we consider the potential implications for data protection compliance. ...more

New IBM/Ponemon Study Shows Low Organizational Cyber Resilience

A new IBM/Ponemon Study released late last week, 2016 Cyber Resilient Organization, reveals that only 32 percent of IT and security professionals believe that their organization has a “high” level of cyber resilience....more

Hints of a Narrowing of the FTC’s Section 5 Authority Under a Trump Presidency

The transition of power from President Barack Obama to President-Elect Donald Trump is underway. Although President-Elect Trump did not lay out specific policy prescriptions about data privacy or consumer protection during...more

EU Releases Amendments to Model Clause and Country-Whitelisting Decisions – with Good News for Companies

Most privacy professionals are familiar with the European Court of Justice’s 2015 Schrems decision, which struck down the US-EU Safe Harbor mechanism. One lesser-discussed aspect of the ECJ’s decision related to the powers...more

Implementing the GDPR: What You Need to Know

Data protection procedures will require an overhaul for any company that offers goods and services, or tracks individuals, in the EU under the European General Data Protection Regulation (GDPR) to take effect from 25 May...more

NIST Releases Guidance on Internet of Things

The National Institute of Standards and Technology (NIST) recently released guidance for the makers of devices that use or are connected to the Internet to build robust security measures into the design of products from the...more

Data Breach Decision Points: Part 8

The best way for a company to handle a data breach is to be prepared. As we discuss in our data breach readiness handbook, preparation includes, among other things, drafting an incident response plan, reviewing...more

2,917 Results
|
View per page
Page: of 117
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×