Data Protection

News & Analysis as of

4.5 Million Patients’ Information Stolen by Hackers

Community Health Systems Inc. (“CHS”), a Tennessee-based hospital provider, has reported it was the target of data hackers who were able to obtain identification information belonging to approximately 4.5 million CHS...more

Reasonable Doubt: Data Privacy, Cybersecurity, and the FTC

Today’s cybersecurity environment demands that every business establish effective corporate data privacy and consumer information security systems and practices. But, unfortunately, no single cybersecurity law exits to...more

Community Health System's HIPAA Breach: Significant Lessons for Health Care and Non-Health Care Companies

On August 18, 2014, Community Health Systems, Inc. (CHS) publicly confirmed, in a filing with the Securities and Exchange Commission (CHS filing), that its computer network was attacked between April and June 2014 by hackers...more

Google, the House of Lords and the timing of the EU Data Protection Regulation

In the Google Spain “Right to be Forgotten” case, the ECJ held that Google must remove links to a newspaper article containing properly published information about a Spanish individual on the basis that the information is no...more

Director Liability for Cybersecurity Risks

If a corporation is the target of a cyberattack resulting in a data breach, its board may be the target of a shareholder derivative action claiming breach of fiduciary duty. A recent example is Palkon v. Holmes, No....more

Hospital Network Reports Large HIPAA Breach

Community Health Systems announced yesterday, August 18th, that hackers broke into its computers and stole data on 4.5 million patients. ...more

New Guidance for Merchants on Ensuring that Service Providers Share Security Responsibility

For merchants, long gone are the days of using a card reader with a dial-up connection to their payment processor. Today’s omni-channel retailers rely on multiple third party service providers to complete payment card...more

OIG Report Takes Issue With Oversight of Security Controls for Electronic Health Records

HHS Office of Inspector General (OIG) recently released a report concluding that the entity responsible for overseeing the testing and certification process for electronic health records (EHRs) did not fully ensure that...more

E-Discovery Matters: “A Guide to ESI Preservation Responsibilities”

I am pleased to announce the availability of our firm’s updated publication, A Guide to ESI Preservation Responsibilities. I believe this white paper serves as a useful resource to anyone dealing with the complicated issue of...more

Bring Your Own Device Doesn't Mean Bring in Security Breach

Bring-Your-Own-Device (“BYOD”) policies have been picking up steam because of increased productivity, improved communications, and the need for employees to work remotely. However, when implementing any BYOD policy there are...more

Consumer Privacy Legislation? All Sides Weigh In But Remain Far Apart in the Big Debate Over Big Data

Recent comments filed by various stakeholders in response to the U.S. Commerce Department’s National Telecommunications and Information Administration’s (NTIA) Request for Public Comment (RFC) on “Big Data and Consumer...more

Privacy and Data Security for Your Nonprofit?: Understanding Your Legal Obligations and Insuring against Risk

In this presentation: - The Cyber Threat Landscape - Top 4 Risks to Nonprofits - Risks Are Getting Riskier… – Part 1: Top 4 Industry Trends – Part 2: Top 4 Legal Developments - Ten Steps...more

Why Cyber Security? [Video]

• Electronic data and credit card information can be compromised due to malware, phishing, spear phishing, data loss and data theft • The risk of cyber liability is real for ALL enterprises whether large or...more

PCI Council Issues Biz Tips to Reduce 3rd Party Security Risk

On August 7, 2014 the PCI Security Standards Council issued new guidance to supplement PCI DSS Requirement 3.0 and help organizations reduce the risks associated with entrusting third-party service providers (“TPSPs”) with...more

Life Sciences Spotlight - Issue 4, 2014

Since our last edition, there has been a number of developments in the Life Sciences sector across the Asia Pacific region and we are pleased to be able to update you on these recent trends. It is evident that the...more

Data Breach Notification, Helpful or Harmful?

Some IT professionals are debating whether they would issue a data breach notification in the event of a hack. Their rationale is that such a notification makes them a target for other hackers and that most of the incidents...more

The Inevitable Cyber Break In: Are You Protected?

The prevalence of cyber data breach over the years has not only grown in number, but has also grown in size. Perhaps the most well-known example of a large-scale data breach is that suffered by Target Corp. occurring at the...more

Russian Crime Ring Possesses Mass Quantities of Stolen Online Information

With recent reports that a Russian crime ring may have stolen the largest collection of online data — including 1.2 billion username and password combinations—effective data security is more critical than ever for all...more

Data Breach Litigation – A New Wave of Class Actions by Financial Institutions

Rarely does a day go by without news of a data security breach. According to the Identify Theft Resource Center, there have been a total of 447 data breaches to date this year, which represents a 20.5% increase over the same...more

Massachusetts Enforces Data Security Regulations Against Out-of-State Entity

On July 23, 2014, the Massachusetts Attorney General announced a consent judgment with an out-of-state Rhode Island hospital, Women & Infants Hospital of Rhode Island (“WIH” or the “Hospital”), resolving a lawsuit against WIH...more

What Companies Can Do to Protect Themselves in the Face of Yet Another Massive Data Breach

Last week it was reported that a small group of Russian computer hackers illegally obtained an unprecedented quantity of internet credentials, including 1.2 billion username and password combinations, and over 500 million...more

Cyber Risks For The Boardroom

The Recent Increase In Focus on Privacy Issues - Privacy issues have been the focus of many state efforts over the past few years. However, the SEC has increased their focus tremendously over the past few months (see...more

Massive Hacking Operation Further Reveals Weakness of Passwords

A small private cybersecurity firm recently revealed that a Russian computer hacking organization amassed more than 1.2 billion username and password combinations. The data was collected across a wide swath of websites, from...more

Payment Cards Security Standards Organization Publishes Third-Party Security Assurance Guidance

On August 7, the PCI Security Standards Council (PCI SSC), the open global forum responsible for setting payment security standards, published an information supplement titled “Third-Party Security Assurance Guidance,” which...more

PCI Security Standards Counsel: Recently Published Recommendations

The PCI Security Standards Council has recently published recommendations for ensuring that payment data and systems entrusted to third parties are maintained in a secure and compliant manner, in accordance with PCI-DSS...more

1,493 Results
|
View per page
Page: of 60