Risk Assessment Data Breach

News & Analysis as of

Cybersecurity: 2017 Report & 2016 Reflections - What Businesses and Boards Need to Know

In 2016, cybersecurity continued to grow as a primary business risk for companies worldwide. Data breaches continued to escalate both in number and magnitude and the landscape of legal and regulatory liability evolved and...more

OCR settles with MAPFRE for $2.2 Million

MAPFRE Life Assurance Company of Puerto Rico learned the hard way about the risk of loss of patient information with portable devices like USBs, even when they are stored in the IT Department....more

What Did They Say About Cybersecurity in 2016? 8 Proclamations from Regulators and the Courts

There is no such thing as compliance with the NIST Cybersecurity Framework (FTC). In September, the FTC dispelled a commonly held misconception regarding the NIST Framework: It “is not, and isn’t intended to be, a standard or...more

Lessons Learned from Recent OCR Settlements

We can learn some valuable lessons about compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) from settlements that are announced by the U.S. Department of Health and Human Services, Office...more

Mark Your Calendars: NY Cybersecurity Regulations to Go into Effect

A covered entity will need to arrange for someone to perform the CISO function, dedicate resources to conduct periodic risk assessments, develop and implement policies and procedures, and retain appropriate personnel and...more

New York Department of Financial Services Revises Cybersecurity Proposal: Greater Flexibility and Delayed Compliance Deadlines

As we previously reported, in December 2016 the New York Department of Financial Services (the “DFS”) announced that it was revising its proposed regulation that would require banks, insurance companies and other financial...more

HHS OCR Levies Significant HIPAA Penalties in a Series of Recent Settlements: Covered Entities and Business Associates Alike...

Between June and November 2016, the Department of Health and Human Services Office of Civil Rights (HHS OCR) has announced seven high-dollar settlements to resolve alleged violations of the HIPAA privacy, security, and breach...more

Class Action Litigation Trends

There is a great deal of misunderstanding concerning data security breach-related class actions. In large part the media and the legal media have exaggerated the quantity (and success) of class action litigation....more

New FTC Data Breach Response Guidelines

Cybersecurity should always be at the top of any retailer’s priority list—and even more so as the holiday shopping season gets underway. To that end, the Federal Trade Commission’s newly-released Data Breach Response...more

DFS Cyber Regulation: Part II – An Interview with Bay Dynamics’ Steven Grossman

This is the second installment in our interview with Steven Grossman, VP Strategy & Enablement at Bay Dynamics, the cyber risk analytics company. Here, Steven discusses the importance of aligning an institution’s risk...more

OCR Stresses Importance of Authentication in Newsletter

In a recent newsletter, the Office for Civil Rights (OCR) encourages health care organizations to review their procedures around authentication and “ensure that they have the appropriate safeguards in place.”...more

"Privacy & Cybersecurity Update - October 2016"

In this edition of our Privacy & Cybersecurity Update, we take a look at the FCC's new rules for broadband privacy, the FTC's new playbook for data breach response and notification, the NHTSA's voluntary guidance for...more

FTC Releases a Data Breach Response Guide For Business

Data breaches are fast becoming a fact of life. Experiencing a data breach is never a pleasant experience, regardless of how it happens – by accident, by criminal intent, or by system failure. Someone steals a company...more

Survey Shows Employees Top Security Risk for Companies

A recent survey conducted by Arlington Research for OneLogin in May 2016 of 1,022 respondents found what most of us already know: employees continue to be a high risk for employers when it comes to security risk. The...more

Business Viewpoint with Tom Vincent: Early investments can pay off in protecting company information

A breach of a company’s information security, and the theft or loss of sensitive data, can be very expensive. These costs can often be reduced, however, by making investments in the security of the company’s information – and...more

[Event] Data Breaches - What To Do When Your Client Falls Victim - September 28th, Mountain View, CA

The number of data breaches has risen significantly in the past few years. More and more companies, both large and small, are having their computer networks compromised and are looking for guidance on how to respond. This...more

Best Practices to Thwart Hackers Using Email to Get Your Money

Not a week goes by without some news report of another hacking incident. The industries targeted include large retail stores, restaurants, banks, attorneys, accountants and recently in Maryland, a title company. In...more

Cyber Risk and Reality – Procuring Transportation in the 21st Century

With the rapid pace of innovation and deployment of intelligent transportation systems (ITS) to enhance existing transportation infrastructure, transportation officials frequently procure and manage sophisticated systems that...more

Record-Breaking HIPAA Settlement Sends Strong Message to Covered Entities

This month marked the largest HIPAA settlement to-date for a single entity. Advocate Health Care Network (“Advocate”) agreed to pay $5.5 million and adopt a corrective action plan after an investigation by the Department of...more

Latest OCR HIPAA Settlement Provides Lessons for Covered Entities

Capping off a busy month of HIPAA settlements, on August 4, the Office for Civil Rights (“OCR”) announced a $5.55 million settlement with Advocate Health Care Network (“Advocate”), the largest fully-integrated healthcare...more

Cybersecurity News & Notes – June 2016 #2: A brief digest of cybersecurity news you can use...

In Case You Missed It: The SEC fined Morgan Stanley $1 million for a 2014 data breach. While the FTC had declined to pursue an enforcement action, blaming the breach on technical issues rather than any actions or omissions...more

2016: The Year of Cyber Insurance?

It has been said that there are two types of companies in the world – those that have been hacked, and those that do not yet know they have been hacked. While perhaps an overstatement, it seems that every day, another company...more

Employment Law Reporter - May 2016

The Age of The Data Breach : The Top 5 Best Practices - What will you do? We live in The Information Age. Increasingly, business success depends on the ability to obtain, maintain and intelligently utilize increasing...more

Corporate E-Note - April 2016

In an article published by the Birmingham Business Journal in the April 1 print edition, India Vincent provides insights on a series of questions related to cybersecurity, including some best practices to help monitor for and...more

Business Litigation Alert: "Law Firms Victim to Data Breaches"

Recently, reports surfaced that multiple law firms have fallen victim to data breaches, prompting class action litigation against the firms for exposing their clients' information. Law firms house a great deal of highly...more

110 Results
|
View per page
Page: of 5
Popular Topics

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×