Data Security

News & Analysis as of

New York Attorney General Announces Settlement With Trump Hotel Over Two Data Security Incidents

On September 23, 2016, New York Attorney General Eric T. Schneiderman announced a settlement with Trump International Hotels Management LLC, d/b/a Trump Hotel Collection (“THC”), imposing $50,000 in penalties and ongoing...more

The serious security vulnerabilities of mobile devices

If you have wondered about security threats to your mobile device, a recent report of the National Institute of Standards and Technology may answer some of your questions — and increase your fears. The report, “Assessing...more

UPDATE: Got Data? Actual Harm Not Required for FTC Enforcement Action for Lax Security Measures

As anticipated, things are getting even more exciting with the case previously covered in Password Protected. Specifically, LabMD is appealing the landmark data security case between it and the Federal Trade Commission...more

Key Legal Issues in Privacy and Data Security on Display in Sixth Circuit Data Breach Class Action Decision

A September 12, 2016 decision out of the U.S. Court of Appeals for the Sixth Circuit adds new fuel to an ongoing legal debate: when a data breach places a business’s sensitive customer information into the hands of hackers,...more

New York Regulators Propose Stricter Cybersecurity Rules

On September 13, 2016, New York Governor Andrew Cuomo proposed first-of-their-kind rules that would require financial institutions to develop and implement detailed cybersecurity programs. The proposed rules would apply only...more

5 Questions to Help Prepare for a Ransomware Attack

The news has been filled this year with reports of ransomware attacks against companies and government agencies, including even law enforcement. Ransomware refers to a type of malware that encrypts or otherwise restricts...more

Aravind Swaminathan Weighs in on Proposed Cybersecurity Regulations for Financial Institutions

Aravind Swaminathan, global co-chair of Orrick’s Cybersecurity & Data Privacy team, recently spoke with Global Investigations Review regarding new plans proposed by New York’s Department of Financial Services that will...more

Dedicated Physical Server Hosting versus Cloud Hosting Environments: Which is Better for Your eDiscovery Data?

Businesses, including corporations and law firms, are increasingly choosing to host their business-critical applications with third parties to reduce (or avoid altogether) CapEx and OpEx associated with installing and...more

How Safe is Your Data Center?

This was the topic of Legaltech News’ story on 10 best practices for data security and what you need to know about how and where your information is stored, by Christine Yi of Xerox Legal Business Services When you are...more

Questions Remain Regarding Revised NAIC Data Security Model Law

The National Association of Insurance Commissioners (NAIC) Cybersecurity (EX) Task Force released its second version of the Insurance Data Security Model Law (Model) on August 17. The first version was exposed on March 3, and...more

Cyber Alert: Security Vulnerabilities: You Don’t Need a Breach to Face Regulatory Scrutiny

Those who track newsworthy data breaches and other cybersecurity incidents know what type of fallout to expect from these events. Class action lawsuits from consumers, shareholders and financial institutions are now not an...more

New York State Proposes New Cybersecurity Regulation

The New York State Department of Financial Services (“DFS”) has proposed a new regulation imposing significant new cybersecurity requirements on banks, insurance companies, and other financial services institutions regulated...more

Advertising Law - September 2016 #2

FTC Gives Academic Journals a Failing Grade - The Federal Trade Commission recently filed suit against the publisher of online academic journals that the agency accused of deceiving academics and researchers. OMICS...more

German DPA Publishes First Privacy Shield Guidelines, Requires German-Law Contracts for Transfers

On June 7, 2016, the European Commission adopted the US-EU Privacy Shield. Companies that self-certify under Privacy Shield with the US Department of Commerce – dubbed “Privacy Shield organizations” – are thus officially...more

FFIEC Provides Concrete Guidance on Setting Up Information Security Programs

The Federal Financial Institutions Examination Council (FFIEC)—the interagency body tasked with setting uniform principals and standards for the examination of financial institutions by federal prudential regulators,...more

Cyber Insurance: Common Pitfalls of the Insured

As we have noted in a number of recent posts, tech companies need cyber insurance. The risk of not having it is simply not worth it.  But cyber insurance policies can be confusing to understand because the policies vary...more

Employment Law Navigator – Week in Review: September 2016 #2

Last week, as we learned that the CIA has invested in another Big Data analytics startup, new headlines and commentary addressed the dangers of hidden bias in technology. LinkedIn changed its search algorithm after the...more

Hardware Password Defaults – Do You Change Them?

IT professionals have long understood the importance of changing the default password for network connected hardware devices (printers, switches, wireless access points, etc.). In the world of the Internet Of Things it seems...more

FTC Round-Up: NIST Framework Compliance Is Not Enough and Looming Ransomware Enforcement Activity

On August 31st and September 7th, 2016, the Federal Trade Commission (FTC) provided guidance regarding cybersecurity standards, which companies should consider when assessing their current data security posture....more

FTC Makes Clear that NIST Cyber Framework is Not a Cure-All

Last week, the FTC published a blog post titled The NIST Cybersecurity Framework and the FTC, in which the agency issued a nuanced answer to an oft-asked question: “If I comply with the NIST Cybersecurity Framework, am I...more

Privacy Tip #51 – Check Up on Your Tax Preparer’s Data Security Measures

We have written before about the ability of hackers to file false tax returns to get fraudulent refunds by using the IRS website, and how hundreds of thousands of Americans have become victims of tax fraud. The IRS...more

Business Associates Beware! OCR Means Business

In June 2016, OCR entered into its first settlement agreement with a business associate, Catholic Health Care Services of the Archdiocese of Philadelphia (“CHCS”), for potential violations of the HIPAA Laws by failing to...more

MedStar Health Cardiology Associates Employee Emails Patient Information to Personal Account and Gets Fired

MedStar Health Cardiology Associates, (“MedStar Cardiology”) affiliated with MedStar Health, which was recently in the news for a ransomware attack, discovered that an employee sent protected health information of 907...more

NAIC's New Cybersecurity Model Law Draft Is Still Flawed

Insurers are a prime target for hackers as a result of the vast stores of valuable data they maintain. Not all information is created equal, and it varies in value. Hacker services and software, illegal drugs, cyberweapons...more

First Day of School for the NYS Education Department’s New Chief Privacy Officer

As New York public schools increase the use of technology in day-to-day operations and in the classroom, they increasingly face data management and data security threats similar to those faced by businesses and non-profit...more

1,009 Results
|
View per page
Page: of 41
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×