No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Sitting with the C-Suite: Information Governance and eDiscovery - Key Compliance Issues for In-House Counsel
Ubiquiti, a manufacturer of products used for networks such as routers, webcams and mesh networks, announced this week that an unauthorized access to its systems hosted by a third-party cloud provider may have compromised...more
As the world focuses its efforts on the right strategy to beat the coronavirus and make normal life safe again, businesses are devising and implementing a variety of measures to deal with the COVID-19 crisis which rely on the...more
Not to say, I told you so, but around the same time that the Capital One data breach occurred, I was reminding clients that nearly half of all significant data breaches or cyber-incidents occur because of internal actors. ...more
The CEO of the popular ride-sharing app, Uber, published a bombshell letter to the public yesterday, stating that two hackers had stolen information from almost 60 million driver and rider accounts in October 2016....more
When it comes to privacy and security laws governing sensitive data, you don’t have to be a financial or health institution to have information that is subject to state and federal regulation. Almost every organization with...more
Cloud computing is the practice of enlisting a “cloud provider” to deliver data, applications and storage to users through the internet, which allows each user to share the computing resource and forego some on-premise...more
Navigating the crossroads of security and convenience is a balancing act, but it can be done. Two minutes. That’s all it takes to perform a Google search on yourself—or anyone you choose—and obtain a virtual encyclopedia...more
An unknown intruder was able to access team communication platform HipChat last weekend, allowing access to the account information of users, including email addresses, hashed passwords and names. There is also a chance that...more
Cloudflare, Inc., a provider of performance and security solutions for websites, recently disclosed that a software bug caused it to leak customer data that was then cached by search engines. Uber, Fitbit, and OkCupid sites...more
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued a new guidance regarding HIPAA compliance and the use of cloud computing solutions. The guidance is intended to assist covered entities...more
Companies are under tremendous pressure to reduce IT costs. Cloud and Software as a Service (SaaS) offer significant potential cost reductions through the use of shared infrastructure and standardized software offerings....more
Delaware’s New Privacy Policy Requirements - Effective January 1, 2016, Delaware became the second state in the U.S., joining California, to require operators of commercial websites that collect personally...more
ASUS TeK Computer, Inc. (ASUS) has agreed to settle with the FTC over allegations that “critical security flaws in its routers put the home networks of hundreds of thousands of consumers at risk.” The FTC further alleges that...more
A new privacy law requires companies to make specific statements about what information is collected on its website. Like California, it also requires that companies state in writing whether they respect “Do Not Track”...more
Systema Software, which provides software solutions for claims management, is investigating a breach (although it was discovered, accessed and confirmed by an independent third party) involving information of 1.5 million...more
Tennessee has joined other states in formally approving lawyers’ cloud-storage of client-confidential data. The Board of Professional Responsibility (“BOPR”) held that lawyers ethically may use cloud storage for...more
Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more
Last month the German Federal Government IT Advisory Committee ("Federal IT Committee") issued new cloud computing service criteria for all prospective vendors to German Federal Agencies. Cloud services providers who offer,...more
For technology startups, maintaining strong security controls remains vital to winning new business opportunities and strengthening existing relationships. Despite the global spike in cybersecurity attacks (there were 42.8...more
Not coincidentally, on July 21, 2015, Wired Magazine published an article with groundbreaking evidence of hacking a car wirelessly, and Senators Edward Markey (D-Mass.) and Richard Blumenthal (D-Conn.) introduced legislation...more
On July 10, 2015, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced a substantial settlement with St. Elizabeth’s Medical Center (SEMC). Under the terms of the settlement, the hospital...more
A compilation of time-sensitive and trending legal and regulatory issues that general counsels and business leaders should be aware of in 2015. Employers Should be Aware of Multigenerational Workforce Risk - For...more
Hosting and securing data is a concern for both businesses and consumers. As companies and health systems are quickly adopting the idea of hosting data “in the cloud,” regulatory agencies are crafting laws to protect private...more
Public cloud computing services-- computing resources (such as networks, storage, applications, and services) purchased from another company (a “cloud services provider”)-- offer many potential benefits for businesses, among...more
Issues of data privacy and security are central to most cloud contract negotiations. While cloud service providers may be willing to take responsibility for the integrity of their networks, accepting obligations in relation...more