News & Analysis as of

Personally Identifiable Information

AD-ttorneys@law

by BakerHostetler on

Back in February, VIZIO, one of the world’s largest manufacturers of “smart” televisions, reached a $2.2 million settlement with the Federal Trade Commission (FTC) and the New Jersey attorney general’s office. The company had...more

Court Expands Standing for Plaintiffs to Pursue Data Breach Claims

On August 1, 2017, the D.C. Circuit handed down its decision in the data breach class action Attias v. CareFirst. In doing so, it became the latest federal appellate court to recognize that individual victims of a breach have...more

New Mexico’s Data Breach Law

by Snell & Wilmer on

Almost all U.S states have laws about data security and what to do when there’s a data breach. New Mexico recently added such a law for its state. Here is what’s in the New Mexico law....more

Nevada Becomes Third State with Privacy Policy Law

Joining the ranks of California and Delaware, the state of Nevada adopted a new law mandating that, beginning Oct. 1, websites and other online services post a privacy policy....more

D.C. Circuit Concludes Heightened Risk of Future Identity Theft Enough for Standing in Data Breach Class Action

by Fisher Phillips on

Much to the dismay of companies, on August 1, 2017, the U.S. Court of Appeals for the D.C. Circuit made it easier for plaintiffs, and their attorneys, to bring class action data breach cases. In Attias v. CareFirst, Inc.,...more

D.C. Circuit Finds that Theft of Health Insurance Subscriber ID Numbers Is a Cognizable Injury in Identity Theft Litigation

by Moore & Van Allen PLLC on

Recently, the D.C. Circuit Court of Appeals ruled in Attias v. CareFirst, Inc., No. 16-7108, that customers had standing to sue a health insurer for a 2014 data breach in which the customers’ information was stolen. ...more

Another Circuit Joins the Trend of Setting a “Low Bar” for Standing in Data Breach Actions

by McGuireWoods LLP on

Consistent with a growing trend among courts nationwide, the D.C. Circuit Court unanimously held that a group of plaintiffs had cleared a “low bar” to establish constitutional standing for their claims in a data breach case...more

Attempting To Avoid The High Cost Of A Reported HIPAA Breach

by Dickinson Wright on

Preventing unintended or unauthorized disclosure of protected health information is an ever-present goal of all covered entities and business associates. However, protective firewalls and electronic data security measures are...more

New Jersey Limits Use of Shopper Data

Shoppers in New Jersey were promised increased privacy after Governor Chris Christie signed the Personal Information and Privacy Protection Act that limits the collection and use of personal information obtained from...more

DFS Cyber Regulation Countdown: Who Should Certify Compliance?

Companies subject to New York’s Department of Financial Services (DFS) new cybersecurity regulation should be preparing to comply with the first round of requirements by the upcoming August 28th deadline: enacting a...more

The DC Circuit Opens the Door to Data Breach Plaintiffs Alleging Substantial Risk of Future ID Theft

by Fenwick & West LLP on

The U.S. Court of Appeals for the D.C. Circuit has held that allegations of a heightened risk of future identity theft resulting from a data breach established a concrete injury at the pleading stage....more

Privacy Tip #100 – Scary Statistics on Identity Theft of Children

It is one thing to steal our identity as an adult, but children are defenseless against this type of fraud. According to Experian, it handles 25,000-30,000 cases of identity theft and fraud every year and a whopping 17...more

Privacy Perils: The Price of Consumer Loyalty

by Bass, Berry & Sims PLC on

People love a good discount, which is why almost 75% of adult Americans are signed up for at least one customer loyalty program. We love to rack up points with airlines for a seat upgrade, get a free Starbucks latte on our...more

In Data Breach Lawsuit, Mere Risk of Identity Theft is Enough to Stand On

by Saul Ewing LLP on

As the frequency of data breach incidents increases at a record pace, courts are becoming less reluctant to open the floodgates and allow consumers to bring data breach lawsuits. In its recent Attias v. CareFirst, Inc....more

A Guide to NYDFS Cybersecurity Regulations’ August 28 Implementation Deadline

by Hogan Lovells on

As a follow-up to our previous reports (December 30, 2016 Alert; February 24, 2017 Alert) regarding the cybersecurity regulations issued by the New York State Department of Financial Services (NYDFS), we would like to remind...more

Nevada Implements Law that Requires Notice for Collection of Personal Information

Nevada has become the third state in the Union to adopt a law that requires operators of websites and online services to provide notice to consumers who are Nevada residents of their practices around the collection and...more

Maryland Amends Personal Information Protection Act

by Jackson Lewis P.C. on

Amendments to Maryland’s Personal Information Protection Act expand the definition of personal information, modify the definition of breach of the security of the system, provide a 45-day timeframe for notification, allow...more

FTC Asked to Investigate Google’s Matching of “Bricks to Clicks”

Recently, the Electronic Privacy Information Center (“EPIC”) asked the FTC to begin an investigation into a Google program called “Store Sales Management.” The purpose of Store Sales Management is to allow for the matching...more

Cyber Insurance Primer

by Butler Snow LLP on

The number of reported U.S. data breaches tracked through June 30, 2017 hit a half-year record high of 791. This represents a significant jump of 29% over 2016 figures during the same time period. At this pace, it is...more

Two New PAC Opinions Provide Clarification to School Districts on Meeting Agendas and Redacting Information from FOIA Responses

by Franczek Radelet P.C. on

Recently, the Illinois Public Access Counselor (PAC) issued two opinions – one advisory and one binding – that reiterate the requirements of the Open Meetings Act (OMA) and the Freedom of Information Act (FOIA)....more

FTC Schools “Smart” Toys with Updated COPPA Compliance Guidance

by Hogan Lovells on

The Federal Trade Commission (“FTC”) released an updated guidance document for complying with the Children’s Online Privacy Protection Act (“COPPA”). The revised guidance, released on June 21, 2017, explicitly identifies...more

New York’s New Cybersecurity Regulations and its Impact on your Sensitive Health Information

by Farrell Fritz, P.C. on

Effective March 1, 2017, the New York State Department of Financial Services promulgated regulations to help protect against cybercriminals and their efforts to exploit sensitive electronic data. These cybersecurity...more

How the U.S. Healthcare Sector Can Prepare for and Harden Its Systems Against Cyberattack

by Hogan Lovells on

“The number one issue on the minds of many CEOs and boards is cyberattacks and data breaches,” said Hogan Lovells partner Marcy Wilder. In this hoganlovells.com interview, Wilder discusses three key things health sector...more

Women’s Health Care Group Notifies 300,000 About Ransomware Attack

Women’s Health Care Group of Pennsylvania has notified approximately 300,000 patients that their protected health information has been compromised by a ransomware attack....more

Are DC Federal Courts the Next Hotbed for Data Breach Class Actions?

by Carlton Fields on

We have previously reported on the evolving circuit split over standing in data breach class actions. On August 1st, a three judge panel for the District of Columbia Circuit became the latest to weigh in on the issue. In...more

1,854 Results
|
View per page
Page: of 75
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.