Data Security

News & Analysis as of

New York A.G. Announces $100k Settlement Over Data Breach

On August 5, New York Attorney General Eric T. Schneiderman announced a settlement with Provision Supply, LLC d/b/a EZcontactsUSA.com, imposing $100,000 in penalties and ongoing obligations to maintain certain security...more

The Digital Download - Alston & Bird’s Privacy & Data Security Newsletter – August 2016

General Data Protection Regulation (GDPR) Published, Commencing Two-Year Countdown to Application. One of the most important EU legislative initiatives in recent years, and a landmark in privacy regulation worldwide, the GDPR...more

Now is a Good Time to Review Your HIPAA Policies

The HHS Office for Civil Rights (OCR) has announced it is increasing its investigations of breaches of unsecured protected health information (PHI) affecting fewer than 500 individuals. As a reminder, the HIPAA Breach...more

FTC Finds Laboratory Security Practices Caused Consumer Harm

On July 28, 2016, a panel (the “FTC Panel”) of three acting Federal Trade Commission (“FTC”) commissioners issued an opinion that found that LabMD, Inc. (“LabMD”) failed to implement reasonable security measures to protect...more

$2.75 Million OCR Settlement Underscores the Importance of Risk Management and Analysis

How the theft of a single password-protected laptop turned into an enterprise-wide review of an organization’s data protection practices. Following the announcement of a recent settlement between the U.S. Department of...more

Unanimous FTC Finds LabMD’s Data Security Practices Violated Section 5 of the FTC Act

On July 29, 2016, a unanimous Federal Trade Commission (“FTC” or “Commission”) issued its Opinion and Final Order reversing the decision of an administrative law judge (“ALJ”) and holding that LabMD engaged in “unfair”...more

SaaS Adoption Continues to Rise Despite Security Concerns

Software as a Service (SaaS) adoption has continued to climb with each passing year. Major contributors to this have been ease of deployment, improved productivity and lower cost of ownership. Furthermore, organizations have...more

Best Practices to Thwart Hackers Using Email to Get Your Money

Not a week goes by without some news report of another hacking incident. The industries targeted include large retail stores, restaurants, banks, attorneys, accountants and recently in Maryland, a title company. In...more

Employment Law Navigator – Week in Review: August 2016 #3

Last week, Vanity Fair reported that the ongoing settlement talks between Gretchen Carlson and Roger Ailes may contemplate a settlement payment in the eight-figure range as more and more women claim sexual harassment by the...more

Researchers say Chip-based Credit Cards aren’t as Secure as we Thought

Payment technology company, NCR Corporation (NCR), determined last week that the new chip-based credit card technology isn’t as secure as we thought. The technology behind these chip cards that is supposed to make them more...more

Online Contacts and Eyewear Retailer Pays $100,000 Penalty to New York AG for Security Failures

Online retailer Provision Supply LLC (Provision Supply) (operator of EZContactsUSA.com which sells contacts and eye glasses) settled with the New York attorney general last week for its failure to notify its web customers of...more

Got Data? Actual Harm Not Required for FTC Enforcement Action for Lax Security Measures

While much of Washington, D.C. is enjoying the slow and hazy days of summer, the Federal Trade Commission (FTC) is staying busy solidifying its presence as the go-to authority for data security. Most recently, on July 29,...more

Lessons for Businesses from FTC’s Opinion on LabMD’s Data Security Practices

The Federal Trade Commission (FTC) has issued an Opinion and Final Order finding that the data security practices of LabMD, Inc. were unreasonable, and therefore constituted an unfair act or practice in violation of Section 5...more

LastPass Security Vulnerabilities Discovered

Passwords have always been a challenge. It is hard to remember them, and you are not supposed to use the same password across different platforms. Several companies, including LastPass, have tried to help consumers with...more

The FTC Rules Against LabMD in On-Going Data Security Case

The lengthy saga between the Federal Trade Commission (FTC) and LabMD, Inc. reached another turning point on July 28, 2016. The FTC issued its unanimous Opinion in which it found that LabMD’s data security practices were...more

Pokémon GO Exposes Risks of Bring-Your-Own-Device (BYOD) Policies

There’s no denying it: Pokémon GO is a phenomenon. The smartphone game, in which players use their mobile device camera and GPS to capture, battle, and train virtual creatures, was released in the United States on July...more

Record-Breaking HIPAA Settlement Sends Strong Message to Covered Entities

This month marked the largest HIPAA settlement to-date for a single entity. Advocate Health Care Network (“Advocate”) agreed to pay $5.5 million and adopt a corrective action plan after an investigation by the Department of...more

White House Directive Outlines Who to Call for Help with a Cyber Incident

Last week, the White House issued a new directive that outlines how the government handles significant cyber incidents, which gives the public information on which agency to call in the event of a cyber incident. We often get...more

Privacy Tip #47 – Safety Tips for Using Twitter When Anonymity is Crucial to Your Safety

My Facebook account got hacked, so I am no longer on Facebook. LinkedIn was also hacked and users were told to reset their passwords, which I did immediately. I don’t use Twitter, because it’s just another way to get hacked,...more

UK Financial Conduct Authority—Regulated Firms Can Go to the Cloud

July 7, 2016, saw the UK’s Financial Conduct Authority (FCA) publish fresh guidance in order to clarify the requirements which apply to the financial services firms it regulates when outsourcing to the cloud. When the FCA...more

Hold On, You Didn’t Overpay for That: Courts Address New “Overpayment” Theory from Plaintiffs in Data Breach Cases

With the ever-increasing amount of personal information stored online, it is unsurprising that data breach litigation has become increasingly common. A critical issue in nearly all data breach litigation is whether a...more

FTC Expands Its Role In Cybersecurity Enforcement By Reviving LabMD Action

On Friday, July 29, 2016, the Federal Trade Commission (“FTC” or the “Commission”) overturned the decision of one of its administrative law judges (“ALJ”) from November 2015 in a suit against LabMD, Inc., now finding LabMD...more

FTC Overrules LabMD Dismissal, Finds Unfair Data Security Practices

The FTC issued an Opinion and Final Order reversing the previously dismissed charges against LabMD on July 29. FTC Administrative Law Judge (ALJ) D. Michael Chappell had dismissed the case against LabMD on November 13, 2015...more

Largest HIPAA Settlement Announced Against A Single Entity: $5.55 Million

On August, 4, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced that Advocate Health Care Network (Advocate) agreed to pay a settlement amount of $5.55 million and adopt a...more

Go for the Gold When It Comes to Data Security

During sensitive, expensive discovery, nothing is more critical than the security of your electronically stored information (ESI). You can have impeccable records, defensible collection practices, and the best intentions, but...more

963 Results
|
View per page
Page: of 39
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×