Personally Identifiable Information Data Security

News & Analysis as of

Administrative Law Judge Dismisses FTC’s Complaint Against LabMD In Data Breach Case, Citing Lack Of Consumer Harm

On November 13, 2015, the Chief Administrative Law Judge (“ALJ”) Of the Federal Trade Commission (“FTC”) dismissed an Administrative Complaint against LabMD, Inc. (“LabMD”) regarding its data security practices. In a 92-page...more

ALJ Dismisses FTC’s Data Security Suit Against LabMD for Failure to Prove ‘Substantial Injury’ to Consumers

In a landmark decision, an administrative law judge dismissed the FTC’s long-running data security lawsuit against Atlanta-based cancer screening laboratory, LabMD Inc., following an alleged data breach. Chief Administrative...more

The LabMD Case: Further Defining the FTC’s Enforcement Powers

The scaffolding of the FTC’s powers in the realm of cybersecurity continues to be built. On Monday, the FTC’s Chief Administrative Law Judge D. Michael Chappell issued an initial decision in the FTC’s closely watched...more

FTC Theory of Unrealized Consumer Injury Rejected in LabMD Data Security Case

In what could be a major setback for the Federal Trade Commission (FTC) in the data security arena, an Administrative Law Judge (ALJ) has ruled that an unfairness claim brought by the FTC under Section 5 of the FTC Act...more

Recent Amendments to Security Breach Notification Laws Further Complicate Breach Notification for Employers

It is not a matter of "if" but "when" an employer will be required to notify employees of a security breach.  Forty-seven states require employers to notify employees when defined categories of personal information, including...more

Data Breach Planning in 10 Easy Steps: How to Think Like A Litigator

For the first Tuesday in November, we have 10 easy steps to make sure that your data breach incident response planning is viewed from that pesky point of view of a litigator....more

Illinois finds itself at forefront of facial-recognition litigation

Illinois is leading the way in regulating facial-recognition technology — it is one of only two states (the other Texas) that has passed laws covering the collection and use of biometric information. Illinois also is...more

HIPAA and Text Messaging

Text messaging is pervasive. Doctors and other health care providers, covered entities, and business associates currently use (and embrace) the technology. Texting is easy, fast and efficient. It doesn’t require a laptop...more

Uber class action case hits roadblock

A California federal judge has ruled that a former Uber driver who is suing Uber in a proposed class action case was unable to show that he suffers an immediate threat of identity theft and dismissed the driver’s first...more

California Updates Data Security Laws

Why it matters - The first state to enact data breach notification legislation, California has now updated Civil Code Section 1798.82 with three new bills signed into law by Governor Jerry Brown. Specifically, Senate...more

Data-Harvesting Zombie Hackers, Blood-Thirsty Auditors, and Other Reasons to be Scared on Halloween

This Halloween, the scariest monsters might not be in your closet or under your bed. They may be overseas, orchestrating intrusions into your electronic medical record. Or they may be lurking in your own workforce, carrying...more

Advertising Law - October 2015 #4

Eleventh Circuit Rejects Application of VPPA to Free App - The latest decision interpreting the application of the Video Privacy Protection Act in the context of twenty-first century technology provides positive news for...more

Colleges and Universities Are Prime Cyberattack Targets: What’s Behind the Threat?

When it comes to cyberattack targets, many think of retailers and associated credit card transactions or customer information, or perhaps healthcare providers with their ever-increasing storage and transmission of electronic...more

Video Privacy Protection Act Narrowed – App’s Transmission of Roku ID Not Disclosure of Personal Information

A New York district court opinion is the latest addition to our watch of ongoing VPPA-related disputes, a notable decision on the issue of what exactly is a disclosure of “personally identifiable information” (PII) under the...more

HIPAA Double Take: What Health Plan Sponsors Need to Know Now

With the onslaught of Affordable Care Act changes, health plan sponsors have much to think about lately. Given the number of other issues affecting them, plan sponsors may feel that HIPAA privacy and security is an issue they...more

More Data Vulnerabilities, Cyber Breaches Detected in Healthcare Exchanges

Government audits continue to reveal that millions of people’s personally identifiable information is at risk. Continuous audit reports by the Office of the Inspector General (OIG) of The Department of Health and Human...more

Could a Vendor’s Lax Info Security Ruin Your Holiday Sales? Seven Preventative Steps for Retailers

Many of the largest retailer data security breaches have been caused or enabled by the acts or omissions of retailers’ vendors, such as the widely publicized incident at Target Corporation. Several such breaches occurred...more

Purchasing Cyber Insurance? Important Considerations from the Recent Nossaman/ UCI Cyber Symposium

On October 12, 2015, Nossaman and UC Irvine hosted a Cyber Symposium at the City Club in Los Angeles. The event included four panels of Nossaman lawyers, UCI professors, and private professionals who are experts in the areas...more

Tagging Trouble: Forays into the Regulation of Biometric Data

We leave breadcrumbs of biometric information scattered around our daily lives, which may be collected and used by private entities, often without our knowledge or consent. The sound of your voice when you call your bank’s...more

Corporate Investigations & White Collar Defense - October 2015

"Wherefore Art Thou Due Process?" Part III - Why it matters: It is time for another installment in our continuing "Wherefore Art Thou Due Process?" coverage into the ongoing constitutional challenges to the SEC's...more

Employee Health Information: Separate and Secure

There are several reasons an employer might have employee health information, ranging from the results of a pre-employment physical to the contents of a request for FMLA leave to what’s written in a health provider’s note...more

Keeping the Data-Breach Headlines In Perspective

From the Sony Pictures settlement, to the Ashley Madison debacle, data breaches are making big headlines of late. And when it comes to one case in particular — the data breach at luxury retailer Neiman Marcus (Remijas v....more

SEC Cybersecurity Update

Results from the SEC’s First Round of Cybersecurity Examinations - On February 3, 2015, the OCIE published a risk alert summarizing its findings from its examinations of over 100 registered investment advisers and...more

California Amends Data Breach Notification Statute by Requiring Specific Notification Content and Expanding the Definition of...

California’s Data Breach Notification Statute was amended on October 6, 2015, by Governor Jerry Brown. The amendment, which takes effect on January 1, 2016, makes important changes to the existing law, including new...more

Alphabet Soup and Data Security

In the span of two days, mobile device users learned of two data breaches that could compromise their personal data. In one, Experian (a credit reporting agency) reported that it was hacked, potentially putting 15 million...more

193 Results
View per page
Page: of 8

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.