News & Analysis as of

Personally Identifiable Information Data Breach

The FTC Data Security Settlement with Uber

by Bilzin Sumberg on

The Risks of Overpromising and Underperforming - Demonstrating its authority over all things cybersecurity, the Federal Trade Commission (FTC) announced that it has entered into a proposed consent order with Uber for the...more

Recent Events Increase the Importance of HIPAA Risk Analyses and HIPAA Policies

Recent events highlight the fact that threats to customer and patient data continue to increase. In recent months, government agencies, news outlets, and others have spent considerable time investigating and reporting on...more

D.C. Circuit Revives Data Breach Putative Class Action On Standing Grounds, Widens Circuit Split

by King & Spalding on

On August 1, 2017, the U.S. Court of Appeals for the D.C. Circuit revived a data breach class action that was dismissed for lack of standing, holding that the district court improperly applied the Article III injury-in-fact...more

A Year in Review: FTC Data Privacy Actions and its Impacts on 2017 and Beyond

Whether it means taking a prominent role shaping data security for the Internet of Things, or addressing high profile breaches, the FTC has adopted an active position in policing data privacy and security. And, as data...more

Delaware Amends Data Breach Statute

by Ballard Spahr LLP on

Delaware has joined the growing list of states that have recently amended their data breach laws. With passage of the first significant amendments to its data breach law since 2005, Delaware continues a state-law trend of...more

CareFirst Data Breach Appeal Holds Three Key Lessons For Cyberattack Litigants

by Cozen O'Connor on

A recent federal appellate decision suggests that it might be getting easier for cyberattack plaintiffs to establish standing in a manner sufficient to survive a motion to dismiss. According to the U.S. Court of Appeals for...more

Mistake in Your Credit Report? The Latest Spokeo Decision Suggests You May Have A Case.

In the 9th Circuit’s August 15, 2017 decision in Robins v. Spokeo, the latest in the long-running legal debate about when a consumer cause of action exists for a data breach, the 9th Circuit has declared that inaccuracies in...more

Court Expands Standing for Plaintiffs to Pursue Data Breach Claims

On August 1, 2017, the D.C. Circuit handed down its decision in the data breach class action Attias v. CareFirst. In doing so, it became the latest federal appellate court to recognize that individual victims of a breach have...more

New Mexico’s Data Breach Law

by Snell & Wilmer on

Almost all U.S states have laws about data security and what to do when there’s a data breach. New Mexico recently added such a law for its state. Here is what’s in the New Mexico law....more

D.C. Circuit Concludes Heightened Risk of Future Identity Theft Enough for Standing in Data Breach Class Action

by Fisher Phillips on

Much to the dismay of companies, on August 1, 2017, the U.S. Court of Appeals for the D.C. Circuit made it easier for plaintiffs, and their attorneys, to bring class action data breach cases. In Attias v. CareFirst, Inc.,...more

D.C. Circuit Finds that Theft of Health Insurance Subscriber ID Numbers Is a Cognizable Injury in Identity Theft Litigation

by Moore & Van Allen PLLC on

Recently, the D.C. Circuit Court of Appeals ruled in Attias v. CareFirst, Inc., No. 16-7108, that customers had standing to sue a health insurer for a 2014 data breach in which the customers’ information was stolen. ...more

Another Circuit Joins the Trend of Setting a “Low Bar” for Standing in Data Breach Actions

by McGuireWoods LLP on

Consistent with a growing trend among courts nationwide, the D.C. Circuit Court unanimously held that a group of plaintiffs had cleared a “low bar” to establish constitutional standing for their claims in a data breach case...more

Attempting To Avoid The High Cost Of A Reported HIPAA Breach

by Dickinson Wright on

Preventing unintended or unauthorized disclosure of protected health information is an ever-present goal of all covered entities and business associates. However, protective firewalls and electronic data security measures are...more

New Jersey Limits Use of Shopper Data

Shoppers in New Jersey were promised increased privacy after Governor Chris Christie signed the Personal Information and Privacy Protection Act that limits the collection and use of personal information obtained from...more

The DC Circuit Opens the Door to Data Breach Plaintiffs Alleging Substantial Risk of Future ID Theft

by Fenwick & West LLP on

The U.S. Court of Appeals for the D.C. Circuit has held that allegations of a heightened risk of future identity theft resulting from a data breach established a concrete injury at the pleading stage....more

In Data Breach Lawsuit, Mere Risk of Identity Theft is Enough to Stand On

by Saul Ewing LLP on

As the frequency of data breach incidents increases at a record pace, courts are becoming less reluctant to open the floodgates and allow consumers to bring data breach lawsuits. In its recent Attias v. CareFirst, Inc....more

Maryland Amends Personal Information Protection Act

by Jackson Lewis P.C. on

Amendments to Maryland’s Personal Information Protection Act expand the definition of personal information, modify the definition of breach of the security of the system, provide a 45-day timeframe for notification, allow...more

Cyber Insurance Primer

by Butler Snow LLP on

The number of reported U.S. data breaches tracked through June 30, 2017 hit a half-year record high of 791. This represents a significant jump of 29% over 2016 figures during the same time period. At this pace, it is...more

New York’s New Cybersecurity Regulations and its Impact on your Sensitive Health Information

by Farrell Fritz, P.C. on

Effective March 1, 2017, the New York State Department of Financial Services promulgated regulations to help protect against cybercriminals and their efforts to exploit sensitive electronic data. These cybersecurity...more

How the U.S. Healthcare Sector Can Prepare for and Harden Its Systems Against Cyberattack

by Hogan Lovells on

“The number one issue on the minds of many CEOs and boards is cyberattacks and data breaches,” said Hogan Lovells partner Marcy Wilder. In this hoganlovells.com interview, Wilder discusses three key things health sector...more

Women’s Health Care Group Notifies 300,000 About Ransomware Attack

Women’s Health Care Group of Pennsylvania has notified approximately 300,000 patients that their protected health information has been compromised by a ransomware attack....more

Are DC Federal Courts the Next Hotbed for Data Breach Class Actions?

by Carlton Fields on

We have previously reported on the evolving circuit split over standing in data breach class actions. On August 1st, a three judge panel for the District of Columbia Circuit became the latest to weigh in on the issue. In...more

Cyber Insurance: Get What You Pay For              

by Fisher Phillips on

Due to the increasing number of successful and attempted cyber-attacks and increased government scrutiny surrounding protection of confidential information, companies cannot ignore the various risks associated with potential...more

Maryland Amends Data Breach Notification Law

by Ballard Spahr LLP on

The Maryland General Assembly recently amended the Maryland Personal Information Protection Act to expand the definition of personal information, provide a 45-day timeframe for providing notice of a breach, allow for...more

Federal Appeals Court Says Healthcare Insurer Must Face Data Breach Lawsuit

A federal appeals court earlier this week dealt a blow to healthcare insurer CareFirst, Inc., concluding that a group of customers have the right to pursue a class action data breach lawsuit based on a 2014 cyberattack....more

909 Results
|
View per page
Page: of 37
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.