Data Breach

News & Analysis as of

Mishandling Medical Records Turns Into an $800,000 HIPAA-Compliance Mistake

A non-profit healthcare company agreed to pay $800,000 as part of a settlement with the U.S. Department of Health and Human Services (HHS) for allegedly mishandling 71 boxes of medical records in violation of the privacy rule...more

Financial Services Report - Fall 2014

In This Issue: - Beltway Report - Bureau Report - Mobile and Emerging Payments Report - Mortgage and Fair Lending Report - Operations Report - Preemption Report - Privacy...more

Information Security Training Master Class: Winning the Battle against Data Breaches, Malicious and Negligent Employees, and...

The Human Element of Information Security - In Part One of this series, I laid out data breach statistics that were at best startling, and at worst downright terrifying. Thankfully, a large percentage of the data...more

WEBINAR: Breach, Enforcement and Beyond: HIPAA Breach Notification Analysis and OCR Enforcement Activities

The Office for Civil Rights of the US Department of Health and Human Services revised the breach notification regulations last year in order to make the analysis of whether a breach occurred more objective. In addition, OCR...more

The Celebrity Hacking Scandal and You: 3 Takeaways for Everyone

By now we all know a hacker accessed the personal iCloud accounts of dozens of A-list celebrities and leaked nude photos of stars such as Jennifer Lawrence, Kate Upton, Kirsten Dunst, and Victoria Justice. The anonymous...more

Back -to- School 2014

In mid-August Jewel-Osco announced that its computers, containing credit and debit card information, had suffered an “unlawful intrusion”. They are but the latest retailer to do so with the list that now includes CVS, Home...more

Information Security Training Master Class: Winning the Battle Against Data Breaches, Malicious and Negligent Employees, and...

Disclaimer: I am a crazy person. I read over 50 articles before I wrote this (WHO DOES THAT) and I’m not even sure how I got so sucked in. In short, information security is a big deal right now – and there are tons of ways to...more

California Court Dismisses CMIA Claim Based on Possession of Stolen Medical Data

A health organization narrowly averted paying a potential $4 billion in damages under the California Confidentiality of Medical Information Act (CMIA) for losing the medical records of more than 4 million patients. Plaintiffs...more

By “Any Manner” Of Means: Securing Cyber-Crime Coverage After Zurich v. Sony

Much has been written about the New York Supreme Court’s landmark ruling in Zurich American Insurance Co. v. Sony Corp., Index. No. 651982/2011 (N.Y. Supr. Ct. Feb. 21, 2014), in which a New York trial court denied coverage...more

The Trend of Stricter State Data Breach Laws Continues with Florida

Florida’s new Florida Information Protection Act, Fl. Stat. § 501.171, became effective July 1, 2014. The new law repeals and replaces Florida’s existing data breach notification requirements (Fl. Stat. § 817.5681) with more...more

Cybersecurity Litigation Monthly Newsletter

As we discussed in July, Tiversa, a “cyber-intelligence” company, notified the FTC in 2009 that a file containing the personal information of about 9,300 LabMD patients was available on a peer-to-peer file sharing network....more

Target Files Motion to Dismiss Data Breach Lawsuit

By now, we all know about the massive data breach at national retailer Target over the 2013 holiday season. The cyber-attack was carried out by sophisticated criminal hackers, who allegedly gained access to Target’s network...more

To Speak Or Not To Speak About A Data Breach

I recently posted about some companies making the decision to not announce when a data security breach has occurred, or at least they would think twice before announcing. According a couple crisis communication experts, that...more

September 22, 2014: Quickly approaching deadline to amend business associate agreements

The HIPAA Omnibus Rule, enacted last year, made a number of changes to the HIPAA privacy, security and breach notification rules. Some of these changes affected business associate provisions of the HIPAA privacy and security...more

Health Care Update - September 2014

In This Issue: - HealthCare.gov Hacking Breach - Implementation of the Affordable Care Act - Other Federal Regulatory Initiatives - Other Congressional and State Initiatives - Other Health...more

The Congress Ramps Up Action On Cybersecurity Legislation - Possibilities For Data Protection/Breach Legislation Still Exist

While not a day goes by without a new cybersecurity attack, the recent news of the Russian criminal gang who is alleged to have stolen over 1 billion user names and passwords as well as 500 million email addresses reinforces...more

Privacy Monday – September 2014

Back to school, back to traffic jams … back to Privacy Mondays! Our look at bits and bytes and goofs and gaffes in data privacy and security....more

Illinois Court Dismisses Plaintiffs Privacy Claims Arising out of HIPAA Breach

On July 10, 2014, a Kane County, Illinois Circuit Court granted a motion to dismiss with prejudice in favor of Advocate Health & Hospitals Corporation (Advocate) in a class action case arising out of a breach of patients'...more

Week in Review

Some popular online services made legal headlines this week. After years of litigation, a federal appeals court held that Yelp did not extort businesses by manipulating user reviews to coerce advertising purchases. While Yelp...more

Another day, another data breach…..DIYers, beware. This time it’s Home Depot.

It appears that the data breach victim of the week (perhaps of the year) is The Home Depot. Brian Krebs has reported that it appears that two large dumps of purloined credit card numbers have made an appearance on the black...more

Lessons from the iCloud Celebrity Hack

The highly publicized hacking of the iCloud accounts of dozens of celebrities was disclosed over Labor Day weekend and has raised larger, more serious concerns regarding the security of personal and corporate data held in the...more

PREVENTING AND RESPONDING TO DATA BREACHES IN AN ERA OF CYBER INSECURITY [Video]

Rarely does a day pass without new news of a data breach of some company around the world. It has impacted virtually every industry from hospitality to retail. What should companies do to avoid being the next target of...more

FRANCE: Orange receives a public warning from the French Data Protection Authority (CNIL) following a security breach in a...

The CNIL’s decision provides useful guidance on security measures that the CNIL considers must be taken by data controllers. Earlier this year, Orange discovered that the database of one of its sub-subcontractors had...more

Nebraska Federal Court Refuses To Dismiss Suit Claiming Breach Of Contract, Violation of State Law for Unauthorized Credit Card...

On August 20, the U.S. District Court for the District of Nebraska denied motions to dismiss filed by a Nebraska bank and two credit card processing companies in response to a purported class action filed by a merchant...more

Learning from Target: Insurance Coverage for Data Breaches

Cyber liability is a clear and present danger. Target Corp. recently reported at least $235 million as gross expenses related to its 2013 data breach. Fortunately, Target was able to recover $90 million of that loss under...more

741 Results
|
View per page
Page: of 30