Data Security

News & Analysis as of

HIPAA Security Requirements Aren't Cloudy, Especially to Whistleblowers

Earlier this month, the U.S. Department of Health and Human Services Office for Civil Rights (HHS OCR) announced that it had entered into a settlement agreement with St. Elizabeth's Medical Center (SEMC) in Brighton,...more

NIST releases draft guide for use of mobile devices for medical providers

The National Institute of Standards and Technology (NIST) cybersecurity center released a draft guide last week for health IT professionals to use to bolster security for the use of mobile devices in the health care industry....more

LifeLock Inc. sued by FTC for allegedly violating order and misleading customers

In 2010, LifeLock Inc. entered into a settlement with the Federal Trade Commission (FTC) and 35 state attorneys general for $12 million for allegations involving false promises and lack of security. The settlement was...more

U.S. Senators Introduce Automobile-Focused Cybersecurity Legislation

On July 21, Senators Blumenthal (D-CT) and Markey (D-MA) introduced legislation, the Security and Privacy in Your Car Act (“SPY Car”Act), that would protect drivers’ privacy while allowing them to remain connected to the...more

Getting More Personal: California Amends Data Security Law

California’s data security statute will get a little more “personal” as of January 1, thanks to a recently-passed amendment revising the definition of covered personal information. On July 14 California expanded the...more

Significant Amendments to Connecticut and Nevada Breach Notifications and Data Security Laws

Nevada and Connecticut recently enacted amendments to breach notification and data security requirements that are relatively unique among existing state laws, thus imposing new compliance obligations upon companies doing...more

The Connected Car and Keeping YOU in the Driver’s Seat

Remember KITT? KITT (the Knight Industries Two Thousand) was the self-directed, self-driving, supercomputer hero of the popular 1980s television show Knight Rider. Knight Rider was a science fiction fantasy profiling the “car...more

State Law Roundup: Legislatures Across the U.S. Revamp Data Breach Notification Laws

As the number of highly publicized data breaches continues to skyrocket and proposals for a federal data breach notification law stagnate, state legislatures around the country have been busy amending their own breach...more

Seventh Circuit Allows Data Breach Class Action to Proceed Against Neiman Marcus, Despite Lack of Current Harm to Credit Card...

Data breaches are often followed by class action suits in which the affected individuals seek damages. Corporations defending against such suits have used a 2013 Supreme Court case, Clapper v. Amnesty International, 133 S....more

Federal Data Breach Bill Stalled in Congress

A key distinguishing feature of U.S. data privacy laws is their patchwork nature. There are industry-specific data privacy laws at the federal level (think HIPAA or the GLBA), yet there are no comprehensive federal standards...more

Oregon Amends Data Breach Law — Companies Can Expect More Enforcement Actions

Oregon Gov. Kate Brown recently signed into law amendments to the state’s data breach law. These amendments recognize the growing definition of data, expand the role of the Attorney General in addressing data breaches,...more

Smartphones & Smart Employers: Device Policies Enable Businesses To Safely Embrace Technology

Employers who don’t think they need a bring-your-own-device policy should consider this: Nearly 70 percent of millennials and 31 percent of baby boomers surveyed last year by TrackVia admitted to using their own devices and...more

Russian Government Considering Delaying Data Localization Law

A controversial data localization law in Russia that would require businesses to perform data storage and processing with servers located on Russian soil is set to go into effect on September 1, 2015, after an amendment...more

Trade Secrets, Security, and Cloud Computing: Best Practices Now

As businesses increasingly store and access confidential information in the cloud, questions arise as to how to safeguard a company’s private data once it becomes part of an external computing network. Standards for...more

HR Has More Important Things To Do

On Tuesday, Salon published an article titled “5 Ways Corporate HR Departments Monitor Your Movements – Even When You’re Not Working.” Because we’re always interested in the subject of employee monitoring, we eagerly clicked...more

This Is Not Your Father's Oldsmobile: Car Hacking and the SPY Car Act

Not coincidentally, on July 21, 2015, Wired Magazine published an article with groundbreaking evidence of hacking a car wirelessly, and Senators Edward Markey (D-Mass.) and Richard Blumenthal (D-Conn.) introduced legislation...more

GAO Issues Report Citing Shortcomings In Federal Government Cybersecurity

On July 8, 2015, the Government Accountability Office (“GAO”) issued a report finding that agencies across the federal government continue to have shortcomings in preventing, detecting, and responding to cyber threats. The...more

Internet-Based Document Sharing Applications Scrutinized

On July 8, 2015, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) and St. Elizabeth’s Medical Center (SEMC) located in Boston, Massachusetts entered into an agreement following an investigation...more

Class Action Suit Filed Against UCLA After It Suffers Massive Data Breach Affecting 4.5 Million Individuals

In yet another data breach affecting millions of individuals, UCLA Health System (“UCLA”) reported on July 17, 2015, that hackers had accessed portions of its health network that contained personal information, including...more

Auto manufacturers’ alliance create information sharing and analysis center for cyber-threats

Twelve automakers that make up the Alliance of Automobile Manufacturers (AAM) have agreed to form an information sharing and analysis center (Auto ISAC) that will facilitate the sharing of cyber security data to stay abreast...more

Seventh Circuit overturns Neiman Marcus data breach class action dismissal

In an unusual turn for recent data breach class action cases, the Seventh Circuit this week found that a likely threat of identity theft is sufficient for a proposed class to have standing to sue Nieman Marcus for a...more

Cybersecurity is once again a hot topic as Illinois undergoes PIPA update

Cybersecurity is a hot topic at both the state and federal level. Specifically, Illinois is in the process of amending its Personal Information Protection Act (“PIPA”). Illinois SB 1833 will amend PIPA by establishing more...more

Class Is in Session: The FTC Launches New Data Security Initiative

Why it matters - The Federal Trade Commission (FTC) kicked off a new educational initiative to provide guidance to businesses in the area of data security. Based on the lessons learned from more than 50 of the agency's...more

FTC's New Consumer Data Security Guidance Offers Businesses Practical Tips

The Federal Trade Commission has issued new guidance on data security for companies that collect, store and use consumer information, gleaned from the more than 50 enforcement actions brought by the agency over the past...more

Orrick's Policyholder Insider Quarterly

Five Lessons Health Care Companies Should Learn From Cyberattacks - The American health care industry is under attack by sophisticated hackers seeking access to electronic medical records. Since January, three health...more

84 Results
|
View per page
Page: of 4

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×