News & Analysis as of

Data Breach Prevention and Response: Avoiding Potential Pitfalls and Implementing Best Practices to Protect Your Company

In This Presentation: - Overview of data breach landscape - Data breach response ..Technical best practices ..Legal best practices - Data breach prevention ..Technical best practices ..Legal best...more

Information Security Training Master Class: Winning the Battle against Data Breaches, Malicious and Negligent Employees, and...

Information security has continued to play prominently in the news as this series has evolved. Just today AT&T announced a data breach. Home Depot and Jimmy John’s, also added to the list in the past month, are still...more

The General Counsel’s Role Before and After a Data Breach Incident

“It is often said that there are two kinds of companies out there — those that have suffered a data breach and those that will have one,” said Latham & Watkins partner Kevin Boyle. “So it makes a lot of sense to be prepared...more

Federal Financial Regulators Issue Warning on ‘Shellshock’ Security Vulnerability

The Federal Financial Institutions Examination Council (FFIEC) recently issued an alert warning financial institutions of a security vulnerability nicknamed “Shellshock” in software commonly used in servers and other...more

Cyber Risk Insurance: Surging Demand and Evolving Coverage

Cyber risk insurers are doing a brisk business these days. Reports of data breaches abound, and risk managers are understandably looking to offload some of the risk through insurance. As a result, insurers are issuing new...more

Five Basic Steps for Dealing with Cybersecurity Threats

Recent legal headlines have been filled with news about data breaches and lapses of information security across all sectors of the economy. Hospitals, colleges, and even major international retailers such as Target and Home...more

The Home Depot Data Breach: There’s No Time Like the Present for Cybersecurity

As Home Depot’s recent cybersecurity breach emphasizes, there is no time like the present to institute controls designed to prevent an attack. In the latest data security breach, Home Depot’s servers were broken into,...more

Information Security Training Master Class: Winning the Battle Against Data Breaches, Malicious and Negligent Employees, and...

Disclaimer: I am a crazy person. I read over 50 articles before I wrote this (WHO DOES THAT) and I’m not even sure how I got so sucked in. In short, information security is a big deal right now – and there are tons of ways to...more

New York AG Reports that Data Breaches Cost New York Businesses over $1B Last Year

The current headline in data security is a just-released report from the New York Attorney General's Office (the "AG Report") announcing that the number of reported data breaches more than tripled between 2006 and 2013,...more

New York Attorney General Report Shows the Number of Data Breaches is on the Rise and Recommends Steps to Take for Protecting...

On July 15, 2014, the New York Attorney General issued a report examining the growing number and costs of data breaches in the state of New York. The report titled, “Information Exposed: Historical Examination of Data...more

To keep data safe, law firms must embrace a culture of security

As the White House report on big data indicates, an enormous amount of information is collected, stored, analyzed and relayed in digitized form over the Internet and, increasingly, using mobile technology. Headlines...more

Survey Shows U.S. Organizations Need More Improvement To Counter Cybercriminals

Despite a surge in both the number of detected cybersecurity incidents and the financial costs associated with such breaches, a new report shows that U.S. organizations lack the necessary defenses to effectively counter...more

Key Questions to Ask When Preparing a Data Breach Response Plan (Part II)

Following up on last week’s post, we return to the wide range of questions about a company’s operations that can guide a team building a data breach response plan to cover many of the risks encountered in the wake of a...more

Cyber-Security Corporate Governance: Three Essential Steps To Form A Cyber-Security SWAT Team

Last year, Canadian Lawyer InHouse Magazine posed the question, "Should in-house counsel be asking more questions about the strength of their company's cyber systems…" and they cited the Association of Corporate Counsel 2012...more

Plugging the Leak: Guidelines for a Data Breach Response Plan

Though data breaches have been on the forefront of many large company’s risk management efforts for a number of years, it has become clear that the threat of a data breach is very real and touches on every business,...more

Cyber Risks for the Boardroom Part 1: The Recent Increase in Focus on Privacy Issues

Each day this week, we are going to explore some of the issues in the rapidly growing area of cyberliability. We will examine the recent increase in focus on privacy issues, why directors should be concerned, the top...more

Security Rule Compliance: The Importance of Performing Regular Risk Analyses

It is likely that you are familiar with the HIPAA Security Rule’s mandate that covered entities and business associates document the decision making process that led to the selection of their means to achieve security for...more

Cybersecurity Is Not Just an IT Issue; It’s an IG Issue

For leaders and counsel in many organizations, the word “cybersecurity” typically triggers concerns about the IT department, conjuring images of hackers and requiring unfamiliar terminology such as “firewalls” and...more

35 Days And Counting - R.I.P. Windows XP

Effective April 9, 2014, Microsoft will no longer provide technical support or security updates for the Windows XP operating system. According to Microsoft, personal computers running Windows XP after April 8, 2014 should not...more

On the Fifth Day of Privacy, the SEC Gave to Me…..

Sing it with me now….. FIVE GOLDEN RULES! As public companies prepare for the New Year and the start of yet another annual reporting season, it is the perfect time to reflect on our 2013 prediction that the SEC would...more

Health plan pays for failing to erase data on leased equipment: two takeaways for companies handling electronic PHI

The Office for Civil Rights (OCR) has announced a settlement between the US Department of Health and Human Services and Affinity Health Plan, Inc. to address potential violations of the Health Insurance Portability and...more

HIPAA’S FINAL RULE: Putting Things in Perspective – Comments from OCR

On March 22, 2013, Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) Director Leon Rodriguez presented the keynote address to attendees of the American Health Lawyers’ Association HIPAA/HITECH Conference in...more

The Storm Has Arrived: Cybersecurity, Risks And Response

Every day the headlines report another Fortune 500 company suffering a hacking incident. For companies, the hack itself creates substantial risks of economic devastation caused by the theft of valuable trade secrets. Add to...more

The New HIPAA Omnibus Rule & Your Liability — A Detailed Review

As we have reported in this blog, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently released final regulations containing modifications to the HIPAA Privacy, Security, Enforcement, and...more

A Detailed Analysis of Changes to HIPAA and the Implications for Healthcare Providers and Others in the Healthcare Industry: HIPAA...

Changes to the HIPAA Breach Notification Rule - Background: The HITECH Act required Covered Entities to notify individuals, HHS, and in some cases, the media, of a Breach of Unsecured PHI. A Business Associate is...more

29 Results
|
View per page
Page: of 2