News & Analysis as of

Multiple class action lawsuits filed against Premera Blue Cross for data breach

Days following Premera Blue Cross’s public announcement that it had experienced a data breach affecting approximately 11 million, it has been sued five times (as of the time of this writing) in proposed class action lawsuits...more

Another Health Plan Hit By Massive CyberAttack and Class Actions Follow

Coming fresh off the heels of the Anthem data breach Premera Blue Cross announced on March 17th that it was the victim of a “sophisticated” cyberattack that may have exposed the personal information of approximately 11...more

Your Business in the Age of Identity Theft and Individual Causes of Action

When your personal data is the subject of a hack attack, what are your rights? The US Supreme Court is considering this very issue in a case before it. On the block is the issue of whether an individual, who may not have...more

HIPAA Breach Affects Many Western New York School Districts

Recently, a national BlueCross BlueShield affiliate, Anthem, Inc., discovered that its information technology systems was hacked. The information believed to have been accessed includes names, member ID numbers, dates of...more

Delaware’s “Computer Security Breaches” Law Needs an Overhaul

I suspect this may surprise most Delawareans. In 2005, Delaware Governor Ruth Ann Minner signed into law House Bill 116. That bill, now codified as 6 Del. C. §§ 12B-101 et seq., requires individuals or commercial entities,...more

US District Court in Pennsylvania Dismisses Data Breach Class Action on Article III Standing

In Storm & Holt v. Paytime, Inc., 1:14-cv-01138-JEJ (MD Penn. Mar. 13, 2015), the United States District Court for the Middle District of Pennsylvania addressed the Article III standing issue of when a cause of action may...more

Threat of Identity Theft is Not Enough: Another Data Breach Class Action Dismissed for Lack of Standing

Hewing to prior Third Circuit precedent in Reilly v. Ceridian and the Supreme Court’s precedent in Clapper v. Amnesty International, the Middle District of Pennsylvania recently joined the majority of federal district courts...more

Large Retailer Agrees to Pay $10 Million Related to Data Breach Incident

On March 19, a district court granted preliminary approval in which a large retailer agreed to pay $10 million to settle a class-action action suit related to a 2013 data breach, which resulted in the compromise of at least...more

Frontiers Of Data Breach Litigation: Standing Issues Presented To Seventh Circuit In Lewart v. P.F. Chang’s China Bistro, Inc.

In a brief made public on March 10, P.F. Chang’s China Bistro, Inc. urged the U.S. Court of Appeals for the Seventh Circuit to affirm a lower court’s decision to toss out two consolidated complaints filed against the company...more

E-Discovery and Information Management: Electronic Data Breach Of Student Records—The University’s Obligation To Disclose (3/15)

Data security breaches have become unfortunately prevalent amongst higher education institutions. In fact, colleges and universities suffer data breaches at a rate of just over one per week.(1) The Privacy Rights...more

Montana Tweaks Data Breach Statute

The Big Sky Country’s data breach statute is going to see some small changes come October. On Feb. 27, 2015 Montana Governor Steve Bullock signed H.B. 74 into law, amending the state’s data breach notification statute. Among...more

Blog: Another Large Scale Data Breach Announced by Premera Blue Cross

Premera Blue Cross revealed Tuesday it was hit by a sophisticated cyber attack potentially exposing personal data for approximately 11 million of its members including members, employees and others with whom it does business,...more

Lessons Learned from the Anthem Cyber-Attack and Corresponding “HIPAA Actions”

Anthem Inc. (“Anthem”), the nation's second-largest health insurer, disclosed on Wednesday, February 4, 2015, that it was the victim of a major cyber-attack. According to Anthem, the attack exposed personal information of...more

White House Introduces Discussion Draft of Consumer Privacy Bill of Rights

Although most states have enacted some form of data privacy and breach notification laws, and certain federal statutory schemes cover specific industry sectors, there are no privacy protections for all personal data. Given...more

State Data Breach Notification Law Updates

State legislatures are not waiting for Congressional action on a national data breach notification standard. Montana — Montana has amended its 10-year old breach notification law (see Mintz Matrix) to expand the...more

Wyoming Amends Data Breach Statute, Increases Scope of PII and Notice

The scope of PII and data breach notice just got a lot bigger in Big Wyoming. Wyoming Governor Matt Mead signed two bills into law on March 2 amending the state’s data breach notification statute. The bills – S.F. 35 and S.F....more

What is a Privacy Policy? – Part 1

A privacy policy is a key legal document in this new era of Big/Data/Breaches. When distilled to its essence, a privacy policy is simply “say what you do, and do what you say” with others’ personal information. A growing...more

FTC May Have Authority to Regulate Companies’ Data Security Practices

Between 2008 and 2010, hackers stole credit card information from the computer network of Wyndham Hotels & Resorts LLC (“Wyndham”), which affected hundreds of thousands of Wyndham’s customers in the process. The Federal Trade...more

Sony and Its Insurers Wrangle over Coverage for Data Breach

According to a Law360 report, Sony Corp.’s lawyers recently asked a New York appeals court to overturn a trial court’s ruling that a data breach did not involve the “publication” of private information within the meaning of...more

Standing in Data Breach Cases – Still a Moving Target

Where do we stand on standing in data breach cases? It depends on which court you ask. In December 2014, two courts considered whether plaintiffs alleged sufficient injury in their complaints involving well-known data...more

South Korean Communications Commission Releases Guidelines on Data Protection for Big Data

In December 2014, the Korea Communications Commission (KCC) released the“Big Data Guidelines for Data Protection” (Guidelines). Aimed at Information and Communications Service Providers (ICSPs), they are designed to prevent...more

Court Dismisses Data Breach Class Complaint For Lack Of Standing

On February 11, 2015, the U.S. District Court for the Southern District of Texas held that a plaintiff lacked standing to pursue claims for alleged violations of the Fair Credit Reporting Act, 15 U.S.C. § 1681 et seq....more

No Harm, No Standing: Texas Federal Court Dismisses Data Breach Class Action

Dismissing a class action based on a data breach, the Southern District of Texas added to the growing number of decisions that find an alleged risk of future identity theft due to a data breach is not an injury that creates...more

Preparing for a Data Breach – What to Know about Breach Notification

Data breaches are at the forefront of the news, and many companies, including those dominant in the health care industry, have found themselves front and center in the headlines. Although recent news stories have focused...more

How Recent Data Breaches are Changing the Face of Cybersecurity for the Private Sector

If "The Year of the Breach" and the rapid start to data breaches in 2015 have taught us anything, it is that any company is susceptible to a cyber attack; and, while data breaches are not a new concept, the way the private...more

206 Results
|
View per page
Page: of 9