Personally Identifiable Information

News & Analysis as of

Nebraska Amends Its Data Breach Notification Statute

Since the beginning of 2015, numerous states have amended their data breach notification statutes to include expanded definitions of personal information, clarifications on encryption standards, and new notice content and...more

The FCC’s Privacy NPRM: A Closer Look at the Commission’s Legal Authority and Some of Its Proposals

As we have previously advised, the FCC’s proposed rulemaking to “protect the privacy of customers of broadband and other telecommunications services” (the “NPRM”) proposes sweeping changes to the ways that Internet Service...more

Privacy Issues to Consider When Developing a Mobile App

Many of the most popular mobile apps collect personally identifiable information. Although most app developers are not required to display a privacy policy under federal law, they are contractually required to do so pursuant...more

Insurer Must Defend Data Breach Claim Under Traditional Commercial General Liability Policies

On April 11, 2016, the U.S. Court of Appeals for the Fourth Circuit affirmed a ruling by Judge Gerald Bruce Lee of the U.S. District Court for the Eastern District of Virginia that Travelers Indemnity Company of America...more

Data security is top driver for information governance

A recent Advice from Counsel study sponsored by FTI Technology, entitled “The State of Information Governance in Corporations” found data security to be the top driver for information governance initiatives. The purpose of...more

Tennessee Gives Businesses 45 Days for Data Breach Notice

Recent amendments to the State’s data breach statute give a hard deadline for a business to provide consumer notice, removes encryption safe harbor, exempts entities that are subject to the Health Insurance Portability and...more

7th Circuit Revives P.F. Chang’s Data Breach Class Action Suit

Last week, the Seventh Circuit revived a data breach class action against P.F. Chang’s restaurant in an important opinion that continues a plaintiff-friendly trend that began with the court’s opinion in the Neiman Marcus case...more

Analysis of the FCC’s Proposed Broadband Privacy Regulations

As we highlighted in a post last month, the FCC has proposed sweeping new privacy rules on broadband providers. Since our last post, the FCC has released its proposal in the form of a Notice of Proposed Rulemaking. ...more

Cybersecurity Compliance Just Got Tougher

Companies need specific, well-executed plans to meet growing demands of federal and state agencies. While cybersecurity risks have increased, government regulation has traditionally lagged behind. Recently, some...more

Nebraska Makes Changes to Data Breach Statute

Nebraska Governor Pete Ricketts has signed LB835 into law, updating the state’s data breach notification statute. The changes take effect on July 20, 2016. With the updates, Nebraska joins a growing number of states...more

Tennessee Amends Its Data Breach Notification Laws

Removes the Encryption Safe Harbor, Limits the Timing of Notice, and Expands “Unauthorized Persons” - Effective July 1, 2016, Tennessee becomes the first state to remove the encryption safe harbor from its data breach...more

O’ Really, Canada? Data Breach Log Rules Underway

In June 2015, Canada made significant amendments to its data privacy law, the Personal Information Protection and Electronic Documents Act (PIPEDA).  These amendments to PIPEDA will require businesses to inform the Canadian...more

Data Security: You Must Know Where the Data Is Located Before You Can Secure It

It is commonplace to turn on the television news and hear of a new data breach from a large retailer or someone else. No one wants the legal problems (not to mention the embarrassment and the hit to reputation) from having...more

You’ve Been Notified: Alabama May Join Other States in Enacting Data Breach Notice Law

Forty-seven states and the District of Columbia have laws requiring notice of a data breach to potentially affected individuals. Alabama may soon join the crowd. Bills creating the Alabama Information Protection Act of...more

Seventh Circuit (Again) Finds Consumers Have Standing To Sue Over Data Breaches

On April 14, 2016, the Seventh Circuit held in Lewart v. P.F. Chang’s that customers who may have had personal information compromised in a P.F. Chang’s data breach have standing, at the motion-to-dismiss stage, to sue the...more

21st Century Oncology data breach litigation update

We previously reported that 21st Century Oncology suffered a data breach affecting 2.2 million patients and has been sued in at least two class action lawsuits following notification to the patient....more

44,000 FDIC customers’ data “inadvertently” taken by former employee

In a memo outlining a security incident as required by the Federal Information Security Modernization Act of 2014, the FDIC has admitted that the data of 44,000 FDIC customers was “inadvertently” taken by an employee as the...more

Good News for Corporate Policy Holders: Court Finds Cyber Coverage Under Standard Liability Policy

Corporate policy holders received good news on April 11 when the U.S. Court of Appeals for the Fourth Circuit issued its opinion in the case captioned: The Travelers Indemnity Company of America v. Portal Healthcare...more

Fourth Circuit Finds Potential Coverage For Data Leak As Publication Under CGL Policy

This week, a Fourth Circuit panel in an unpublished decision validated arguments long made by policyholders: that commercial general liability policies may provide coverage for certain data breach liabilities. In this case,...more

Experian handling 70 breaches a week resulting from IRS phishing scam

On March 1, 2016, the Internal Revenue Service alerted the business community of an e-mail phishing scheme designed to convince employees to provide company-wide W-2 tax forms containing social security numbers and other...more

Sony settles employees’ class action suit for up to $8M

The Sony data breach in 2014 was one of the most significant breaches experienced and was a first on many fronts. It was alleged to have been caused by North Korean hackers (calling themselves Guardians of Peace) seeking to...more

FCC Proposes Sweeping Broadband Privacy Rules

Broadband Internet access service providers would face a new, top-to-bottom consumer privacy regime. Twelve months after the US Federal Communications Commission (FCC) imposed common-carrier telecommunications rules on...more

FTC Releases 2015 Annual Highlights

On April 6, the FTC released its 2015 Annual Highlights report, which is comprised of four key sections: (i) enforcement; (ii) policy; (iii) education; and (iv) stats and data. Regarding enforcement highlights in 2015, the...more

Feds identify security vulnerabilities in state healthcare exchange websites

A Government Accountability Office (GAO) examination of the state-run health insurance exchanges for California, Kentucky and Vermont identified inadequate security measures in place to protect consumers’ personal...more

FCC Proposes Bothersome Breach Definition in Privacy NPRM

On April 1, 2016 the Federal Communications Commission (“FCC”) released its Notice of Proposed Rulemaking (“NPRM”) concerning privacy regulation of internet broadband service providers (“ISPs”). The NPRM proposes, among other...more

1,269 Results
|
View per page
Page: of 51
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×