Data Security

News & Analysis as of

Sony Cyber-Attackers Lurking at Financial Supervisor “Watering Hole” Target Banks and Others

Cybersecurity specialists at BAE Systems and Symantec announced last week new evidence suggesting that the criminals behind the notorious 2014 attack on Sony Corp. are also responsible for recent cyber-attacks involving 104...more

Friend or Foe? State Attorneys General Start to Change Their Tune on Industry & Cybersecurity

Should businesses be thought of as victims or bad actors when it comes to data breaches? State attorneys general are embracing the idea that businesses are not necessarily adversaries in the struggle to protect sensitive...more

Comments Sought of FCC Privacy Regime

On Friday, the Federal Register published the FCC’s January 17th Public Notice of the fact that eleven Petitions for Reconsideration were filed in the Broadband Privacy proceeding (WC Docket No. 16-106). The Petitions...more

Data Privacy in a Time of Reaction: "Big Data" versus "The People"

1. Data privacy concerns entwined with anti-globalization - Anti-globalization has become a serious theme in Western countries. Right-wing and left-wing political movements converge on the issue. Centrist elites...more

$5.5 Million HIPAA Settlement Underscores Importance of Audit Controls

On February 16, 2017, the HHS Office for Civil Rights (OCR) disclosed a $5.5 million settlement with Memorial Healthcare Systems (MHS) for HIPAA violations affecting the protected health information (PHI) of 115,143...more

Polish DPA Releases Data Privacy Inspection Plans – Targets Health, Shopping

The Polish Data Protection Authority (GIODO) has just released its inspection plans for 2017. This year, the GIODO has decided to target its review of compliance with data protection laws on the health services and consumer...more

$5.5 Million HIPAA Settlement Matches Largest Payment To-Date

On February 16, 2017, the U.S. Department for Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced that Memorial Healthcare Systems of Florida (“MHS”) agreed to pay $5.5 million and enter into a...more

Eighth Circuit Undoes Target Data Breach Settlement Class

The $10 million settlement class in the Target data breach case was unraveled by the Eighth Circuit Court of Appeals in a recent decision that will force the district court to address the impact of the Supreme Court’s...more

Notable New State Privacy and Data Security Laws – Part Two

This is the second in a two-part series addressing recent developments in state privacy and data security laws. This article addresses new laws about student privacy, enforcement/ punishment for data privacy and security...more

Cybersecurity Threats for Treasury & Payment Management Systems Report Released

Pactera Technologies N.A., Inc. [www.Pactera.com] has released the report “Cybersecurity Threats for Treasury & Payment Management Systems: Six Things you Should Know to Manage Them.” It is easy to understand and pertinent,...more

Modernization? SAMHSA Falls Short in Updating 42 C.F.R. Part 2

On January 18, 2017, the Department of Health and Human Services Substance Abuse and Mental Health Services Administration (“SAMHSA”) published a final rule amending 42 C.F.R. Part 2 (“Part 2”), with an effective date that...more

Cybersecurity Obligations of Directors - Guidance from the United States Decisions

Your organization will in all likelihood suffer a cyberattack. According to a recent study by Accenture, the average Canadian organization faces about 96 cyberattacks per year, nearly one third of which result in a security...more

The February 2017 Update – The Mintz Matrix

During 2016, amendments to breach notification laws in five states went into effect (California, Nebraska, Oregon, Rhode Island and Tennessee). And by the end of last year, well over twenty states had introduced or were...more

Data Breach Notification In the EU: A Comparison of US and Soon-To-Be EU Law

In the United States Congress has repeatedly attempted, but failed, to agree on federal data breach notification legislation. As a result, there is no single federal statute that imposes a breach notification obligation on...more

Arby’s Investigating Payment Card Breach

Arby’s has announced that it is investigating its payment card systems after Brian Krebs first reported the incident. According to reports, malware placed on Arby restaurants’ payment card systems allowed attackers to...more

Make Cybersecurity Great Again? Cybersecurity Challenges — and Opportunities — for the Trump Administration

The Trump Administration has taken office at a time when cybersecurity has increasingly entered the public consciousness as a major challenge facing both the United States government and the business community. Cyberattacks...more

Expert Insights on Developing a Physical Security Program

In today’s digital age, security tends to be thought about in terms of firewalls, malware, encryption and other safeguards for electronic systems. But the security of those systems, as well as an organization’s facilities,...more

Restaurant Chain Latest Victim of Data Security Breach

In early February 2017, Arby’s Restaurant Group, Inc. became the latest retailer to report that it has suffered a large data breach affecting approximately 1,000 corporate restaurants and impacting as many as 350,000 credit...more

Employment Law Navigator – Week in Review: February 2017 #2

Last week, in her first public comments since her appointment, new EEOC Chair Victoria Lipnic indicated that the agency will focus on age discrimination, equal pay, and job growth. Lipnic also indicated that the agency will...more

Bounty or Bug Programs: A How-To Guide

Data security officers typically look for security risks by monitoring reports from automated security systems, listening to employees’ reports of security issues, and/or auditing IT systems. There is a great deal of debate,...more

HIPAA Enforcement Update (October 2016 – January 2017)

Since October 2016, the Department of Health and Human Services, Office for Civil Rights (OCR) announced four settlement agreements to resolve allegations of Health Insurance Portability and Accountability Act (HIPAA)...more

Data Breach Notification Archive Made Publicly Available Online By Massachusetts Office Of Consumer Affairs

On January 3, 2017, the Massachusetts Office of Consumer Affairs and Business Regulation announced the online public availability of data breach notification records that it receives and maintains pursuant to the...more

Socially Aware: The Social Media Law Update Volume 8, Issue 1

The Decline and Fall of the Section 230 Safe Harbor? - 2016 was a tough year for a lot of reasons, most of which are outside the scope of this blog (though if you’d like to hear our thoughts about Bowie, Prince or...more

PLI 22nd Annual Consumer Financial Services Institute – 25 Percent Discount Available

We are pleased to invite you to the 22nd Annual Consumer Financial Services Institute, sponsored by the Practising Law Institute, March 27-28, 2017, in New York City (and by live webcast and groupcast in Atlanta and...more

HIPAA Small Breach Notification Due March 1: “In Like a Lion, Out Like a Lamb” if You Submit Timely

March 1, 2017 is the date by which HIPAA covered entities must notify the U.S. Department of Health and Human Services Office for Civil Rights (OCR) of “small” breaches of unsecured protected health information that were...more

1,266 Results
|
View per page
Page: of 51
Popular Topics

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×