Data Security

News & Analysis as of

Déjà Vu Not All Over Again: Ninth Circuit Strengthens CFAA In Nosal II

On July 5, 2016, the Ninth Circuit Court of Appeals issued its highly anticipated decision in the most recent chapter of United States v. Nosal, holding that an individual acts "without authorization" as used in the Computer...more

Unplanned EHR Disruptions–Common for Hospitals

The prevalence of ransomware attacks is increasing. In fact, “[o]n average, more than 4,000 ransomware attacks have occurred daily since January 1, 2016,” according to a recent interagency government report. Given this...more

Unlocking the EU General Data Protection Regulation: A practical handbook on the EU's new data protection law: Chapter 11:...

Why does this topic matter to organisations? Under the GDPR, the concept of a "processor" does not change. Any entity that is a processor under the Directive likely continues to be a processor under the GDPR. However,...more

Unlocking the EU General Data Protection Regulation: A practical handbook on the EU's new data protection law: Chapter 10:...

Why does this topic matter to organisations? Each time an organisation processes personal data, it will do so as either a controller or a processor. These roles bear different responsibilities. Therefore, it is...more

A Fragile Shield? Managing the Risks of EU-U.S. Data Transfer

Following European Commission adoption of the Privacy Shield on July 12, 2016, and with Privacy Shield self-certification poised to open for business organizations on August 1, 2016 as a replacement for the invalidated...more

WilmerHale Privacy and Cybersecurity Law Blog - Comparison of Requirements Under the Privacy Shield/Safe Harbor Principles

Notice Requirements - The Privacy Shield notice requirements are more specific and detailed than what was required by the Safe Harbor regime. Safe Harbor required a privacy policy to provide information on data...more

Unlocking the EU General Data Protection Regulation: A practical handbook on the EU's new data protection law: Chapter 6: Data...

Why does this topic matter to organisations? The Data Protection Principles provide the conditions on which an organisation is permitted to process personal data. If an organisation cannot satisfy the Data Protection...more

EU-US Privacy Shield to Launch August 1, Replacing Safe Harbor

I. Introduction: Privacy Shield to Go Live August 1 (at Last) - The replacement for Safe Harbor is finally in effect, over nine months after Safe Harbor was struck down by the Court of Justice of the EU in the Schrems...more

The FCA Peers Into Dark Pools

On July 21, 2016, the Financial Conduct Authority (FCA) of the United Kingdom (UK) published a thematic review: UK equity market dark pools - Role, promotion and oversight in wholesale markets. Background - The...more

Is encryption the key to your data security?

With the increased rate of data breaches targeting personal information, an increased public awareness of online privacy, and an increasingly demanding regulatory landscape, large and small businesses are looking to...more

European Parliament Passes Landmark Data Protection Regulation

On April 14, 2016, the European Parliament passed the General Data Protection Regulation (GDPR) and its companion, Data Protection Directive for Police and Criminal Justice Authorities. The GDPR is a comprehensive regulation...more

More (MACRA) Data Analysis, Please

On July 1, CMS finalized new MACRA rules that significantly expand how qualified data entities will be allowed to share or sell analyses of Medicare and private claims data to providers, insurers, employers, and others who,...more

Three Tips to Verify the Security of Your E-Discovery Software

SOC 2® Type 2 Certification and Zapproved–Building Trust and Confidence that Your Data is Secure - Today in e-discovery, it should be no surprise that cyber security is a rising concern among corporate leaders and that...more

U.S. Court for District of Minnesota Dismisses Target Data Breach Shareholder Derivative Suits

On July 7, 2016, the United States District Court for the District of Minnesota granted Target’s unopposed motion to dismiss the derivative actions filed by a number of shareholders against the company relating to the...more

Pokémon Go in the Workplace: Oh Look There’s a Pikachu!

Did you know that the world is now inhabited by creatures called Pokémon? (Or maybe they’ve always been there?) Some run across the plains; others fly through the skies; and some live in the mountains….and some, yes, some,...more

FinTech Companies Face Big Privacy Challenges in 2016

According to the FBI, “there are only two types of companies: those that have been hacked and those that will be.” It does not take an actual data breach, however, for a company to be liable for its data security practices. ...more

Breach of ePHI Results in $2.7 Million Fine

Oregon Health & Science University (“OHSU”) has paid $2.7 million to the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) to settle allegations that it violated the Health Insurance Portability...more

First EU-wide cybersecurity regime set to enter force in August 2016 after final approval by European Parliament

The European Parliament gave final approval to the Network and Information Security Directive (“Directive”), the first-ever EU-wide cybersecurity standards, on July 6, 2016. The Directive seeks to improve the cybersecurity...more

ATM vulnerability – Banks beware!

It is said that a chain is only as strong as its weakest link. Often the same is said for an organization’s data privacy & security defensives. Could it be that the ubiquitous ATM machine is the weak link to the banking...more

A Side-by-Side Comparison of "Privacy Shield" and the "Safe Harbor": The Easiest Way to Understand What Privacy Shield Is and...

More than 5,000 companies had taken advantage of the now defunct U.S.-EU Safe Harbor Framework. Those companies are now considering whether to join the newly approved “Privacy Shield,” and are trying to understand the...more

Ninth Circuit Vastly Expands Scope of Criminal, Civil Liability for Computer Fraud

In a pair of highly anticipated decisions, the Ninth Circuit significantly reshaped criminal and civil liability under the federal Computer Fraud and Abuse Act (CFAA). The court’s recent decisions in United States v. Nosal...more

FTC Steps Up Activity on APEC Cross-Border Privacy Certification: Issues Warning Letters to 28 Companies Claiming Certification

The Federal Trade Commission (FTC) has issued warning letters to 28 companies that claim to be certified participants in the Asia-Pacific Economic Cooperative’s (APEC) Cross-Border Privacy Rules (CBPR) system on their...more

Privacy Shield Finalized - How Everyone Can Take Advantage of the New European Data Transfer Framework

The EU Data Protection Directive 95/46/EC (the “Directive”) creates the legal framework for national data-protection laws in each EU Member State. The Directive states that personal data may only be transferred to countries...more

Waves of Guidance and Benefit Plan Developments Worth Watching

Notices on Second Round of Privacy and Security Audits are Out, Expat Plans, OON Surgery Center Billing Issues, and New Nondiscrimination Rules for Federal Contractors, New ERISA Civil Monetary Penalties, COBRA Notices and...more

Recent U.S. Department of Education Dear Colleague Letter Raises the Bar on Standards for Protecting Federal Financial Aid Data

On July 1, 2016 the U.S. Department of Education issued a follow-up Dear Colleague Letter to the Dear Colleague Letter of July 29, 2015. This most recent letter reminds institutions of their legal obligation to protect...more

909 Results
|
View per page
Page: of 37
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×