Data Security Data Breach

News & Analysis as of

OPM Data Breach Update

The Senate Appropriations Committee has approved funding to provide the 22 million individuals affected by the OPM data breaches with 10 years of credit monitoring services and $5 million in liability protection for damages,...more

Getting More Personal: California Amends Data Security Law

California’s data security statute will get a little more “personal” as of January 1, thanks to a recently-passed amendment revising the definition of covered personal information. On July 14 California expanded the...more

State Law Roundup: Legislatures Across the U.S. Revamp Data Breach Notification Laws

As the number of highly publicized data breaches continues to skyrocket and proposals for a federal data breach notification law stagnate, state legislatures around the country have been busy amending their own breach...more

Seventh Circuit Allows Data Breach Class Action to Proceed Against Neiman Marcus, Despite Lack of Current Harm to Credit Card...

Data breaches are often followed by class action suits in which the affected individuals seek damages. Corporations defending against such suits have used a 2013 Supreme Court case, Clapper v. Amnesty International, 133 S....more

Federal Data Breach Bill Stalled in Congress

A key distinguishing feature of U.S. data privacy laws is their patchwork nature. There are industry-specific data privacy laws at the federal level (think HIPAA or the GLBA), yet there are no comprehensive federal standards...more

Oregon Amends Data Breach Law — Companies Can Expect More Enforcement Actions

Oregon Gov. Kate Brown recently signed into law amendments to the state’s data breach law. These amendments recognize the growing definition of data, expand the role of the Attorney General in addressing data breaches,...more

GAO Issues Report Citing Shortcomings In Federal Government Cybersecurity

On July 8, 2015, the Government Accountability Office (“GAO”) issued a report finding that agencies across the federal government continue to have shortcomings in preventing, detecting, and responding to cyber threats. The...more

Internet-Based Document Sharing Applications Scrutinized

On July 8, 2015, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) and St. Elizabeth’s Medical Center (SEMC) located in Boston, Massachusetts entered into an agreement following an investigation...more

Class Action Suit Filed Against UCLA After It Suffers Massive Data Breach Affecting 4.5 Million Individuals

In yet another data breach affecting millions of individuals, UCLA Health System (“UCLA”) reported on July 17, 2015, that hackers had accessed portions of its health network that contained personal information, including...more

Seventh Circuit overturns Neiman Marcus data breach class action dismissal

In an unusual turn for recent data breach class action cases, the Seventh Circuit this week found that a likely threat of identity theft is sufficient for a proposed class to have standing to sue Nieman Marcus for a...more

Cybersecurity is once again a hot topic as Illinois undergoes PIPA update

Cybersecurity is a hot topic at both the state and federal level. Specifically, Illinois is in the process of amending its Personal Information Protection Act (“PIPA”). Illinois SB 1833 will amend PIPA by establishing more...more

Orrick's Policyholder Insider Quarterly

Five Lessons Health Care Companies Should Learn From Cyberattacks - The American health care industry is under attack by sophisticated hackers seeking access to electronic medical records. Since January, three health...more

Hospital’s Cloud-Based Document-Sharing Practices Lead to $218,400 HIPAA Settlement

On July 10, 2015, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced a substantial settlement with St. Elizabeth’s Medical Center (SEMC). Under the terms of the settlement, the hospital...more

With No Federal Law in Sight, States Continue to Refine Their Own Data Privacy Laws

With no Congressional consensus to adopt a federal data privacy and breach notification statute, states are updating and refining their already-existing laws to enact more stringent requirements for companies. Two states...more

Also In the News - Data, Privacy, & Security Practice Report - July 2015 #2

FCC Working Group Issues Report On Cybersecurity Best Practices – The June 2015 issue of the Intellectual Property & Technology Law Journal features an article by King & Spalding partner Steven Snyder on a Federal...more

FTC Provides Data Security Guidance to Businesses Based on Lessons From Past Enforcement Actions

On June 30th, the Federal Trade Commission (FTC) published a guide titled Start With Security: A Guide for Business, providing 10 lessons learned from the over 50 enforcement actions brought by the FTC against companies that...more

UCLA Health System announces data breach affecting 4.5 million patients and medical providers

Adding to the long list of cyber hacking victims, the UCLA Health System announced on Friday (July 17, 2015) that it confirmed on May 5, 2015 that a cyber-attacker had accessed parts of UCLA Health’s network back to September...more

State Attorneys General Ask Congress Not To Preempt Breach Notification Laws

In the wake of recent, large-scale data breaches, several pieces of legislation have been introduced in Congress to establish a national data breach notification law, including a House bill that would preempt the current...more

Army National Guard announces data breach affecting both current and former members

On July 10, 2015, the Army National Guard announced a breach of its current and former members’ personal information, dating back to 2004. The breach occurred when files containing personal information were accidentally...more

Is a Uniform Federal Data Breach Law Really Necessary?

In June 2015, the United States Office of Personnel Management announced a massive data breach. Estimates are that the breach compromises the personal information of up to 18 million current, former and potential federal...more

Connecticut Updates its Data Security Laws, Imposing Stringent New Requirements

On June 30, 2015, the Governor of Connecticut signed into law S.B. 949, “An Act Improving Data Security and Agency Effectiveness." The new law updates Connecticut’s data security laws, including by adding a 90-day hard...more

Is My Telehealth App Subject to HIPAA?

Many telehealth and mHealth app developers are concerned about whether or not their app is a medical device under FDA regulations (and rightfully so), they often pay less attention to the Health Insurance Portability and...more

HIPAA Settlement Regarding Use of Internet Applications

On July 10, 2015, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced a settlement agreement with St. Elizabeth's Medical Center (SEMC) in Brighton, Massachusetts, regarding potential...more

Cyber Liability Insurance – Does Your Retail Business Need It?

The news is full these days of hackers stealing credit card and other customer information from United States retailers such as Home Depot, Target, and Neiman Marcus (and the federal government) among others. These...more

FTC Releases Data Security Guide for Businesses

The Federal Trade Commission (FTC) has released a guide for businesses with practical tips and advice to help organizations better secure their data. The guide, Start With Security, draws on more than 50 data security...more

41 Results
|
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×