News & Analysis as of

Risk Assessment Data Breach

Yet another Target settlement highlights data breach costs

by Thompson Coburn LLP on

In what appears to be the closing act of the saga that is the Target data breach, on May 23 the retailer announced it had reached a settlement agreement with a coalition of 47 states’ attorneys general. Pursuant to the...more

China Cybersecurity Law: Seven Key Points to Ensure You are Compliance Ready for its Launch on 1 June 2017

by Dechert LLP on

China’s Cybersecurity Law comes into force on 1 June 2017. It is a significant piece of legislation impacting all companies operating a network in China. It covers a wide range of activities relating to the cyberspace,...more

Colorado’s Proposed Cybersecurity Rules for Investment Advisers and Broker-Dealers

by Snell & Wilmer on

Colorado has new proposed rules that add cybersecurity requirements for certain entities with Colorado securities licenses. The proposed rules are from the regulatory agency the Division of Securities. It licenses securities...more

Protection of Vendor Report and Documents as Work Product is Big Win for Experian

When assisting clients with emergency data breach response, and preparing and implementing a data privacy and security plan, it often becomes efficient, cost effective and necessary to hire outside vendors to assist with...more

Q: Could You Be Dragged Into Court For A Company Data Breach? A: It Depends

by Fisher Phillips on

This same time last year, many in the business community were eagerly anticipating the U.S. Supreme Court’s ruling in Spokeo, Inc. v. Robins, which was to decide the standard that should be applied to determine whether...more

OCR Settlement Lessons - Failing to Perform an Electronic Access Risk Analysis Before an Unauthorized Access Occurs

by Ruder Ware on

Failure to conduct a risk assessment before a hacking incident occurred resulted in a $400,000 settlement between the Office of Civil Rights (OCR) and a Federally Qualified Health Clinic (FQHC). The FQHC filed a breach...more

Lessons from OCR HIPAA Settlements - Mobile Device Security Standards

by Ruder Ware on

In the first known case involving a wireless provider, a cardiology service provider agreed to pay a $2.5 million settlement based on the impermissible disclosure of unsecured electronic protected health information (ePHI)....more

Two HIPAA Mistakes Lead to Fines from OCR

It was a busy April for the Office for Civil Rights (“OCR”) (see our prior post on a settlement from earlier in April). On April 20, OCR announced a Resolution Agreement with Center for Children’s Digestive Health, S.C....more

[Webinar] What Attorneys Need to Know About Cybersecurity and Data Privacy in 2017 - May 31st, 10:00am PT

by CloudNine on

You’ve heard the horror stories. Data breaches are happening within organizations at an alarming rate, and sensitive data is being compromised regularly. As an attorney, what can you do to protect yourself, your firm and your...more

Healthcare Advisory: HHS Announces First Settlement with a Wireless Health Services Provider

by Sherman & Howard L.L.C. on

On April 24, 2017, the Department of Health and Human Services, Office of Civil Rights (“OCR”), announced its first settlement with a wireless health services provider, CardioNet, Inc., for alleged violations of the Health...more

N.Y.’s New Cybersecurity Regulations: What Financial Services Companies Need to Know

With corporate data security breaches on the rise, the New York State Department of Financial Services (NYDFS) has adopted rules requiring financial institutions to take certain measures to safeguard their data and inform...more

Cybersecurity: Yes, They Will Hack Your Car

by Foley & Lardner LLP on

Auto manufacturers are increasingly equipping vehicles with rapidly advancing technologies, raising concerns regarding how the public will be affected by these changes. Manufacturers are beginning to implement automated...more

Cybersecurity: 2017 Report & 2016 Reflections - What Businesses and Boards Need to Know

by Bennett Jones LLP on

In 2016, cybersecurity continued to grow as a primary business risk for companies worldwide. Data breaches continued to escalate both in number and magnitude and the landscape of legal and regulatory liability evolved and...more

OCR settles with MAPFRE for $2.2 Million

MAPFRE Life Assurance Company of Puerto Rico learned the hard way about the risk of loss of patient information with portable devices like USBs, even when they are stored in the IT Department....more

What Did They Say About Cybersecurity in 2016? 8 Proclamations from Regulators and the Courts

by Orrick - Trust Anchor on

There is no such thing as compliance with the NIST Cybersecurity Framework (FTC). In September, the FTC dispelled a commonly held misconception regarding the NIST Framework: It “is not, and isn’t intended to be, a standard or...more

Lessons Learned from Recent OCR Settlements

by Ruder Ware on

We can learn some valuable lessons about compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) from settlements that are announced by the U.S. Department of Health and Human Services, Office...more

Mark Your Calendars: NY Cybersecurity Regulations to Go into Effect

by Pepper Hamilton LLP on

A covered entity will need to arrange for someone to perform the CISO function, dedicate resources to conduct periodic risk assessments, develop and implement policies and procedures, and retain appropriate personnel and...more

New York Department of Financial Services Revises Cybersecurity Proposal: Greater Flexibility and Delayed Compliance Deadlines

As we previously reported, in December 2016 the New York Department of Financial Services (the “DFS”) announced that it was revising its proposed regulation that would require banks, insurance companies and other financial...more

HHS OCR Levies Significant HIPAA Penalties in a Series of Recent Settlements: Covered Entities and Business Associates Alike...

by Arnall Golden Gregory LLP on

Between June and November 2016, the Department of Health and Human Services Office of Civil Rights (HHS OCR) has announced seven high-dollar settlements to resolve alleged violations of the HIPAA privacy, security, and breach...more

Class Action Litigation Trends

by Bryan Cave on

There is a great deal of misunderstanding concerning data security breach-related class actions. In large part the media and the legal media have exaggerated the quantity (and success) of class action litigation....more

New FTC Data Breach Response Guidelines

by Robins Kaplan LLP on

Cybersecurity should always be at the top of any retailer’s priority list—and even more so as the holiday shopping season gets underway. To that end, the Federal Trade Commission’s newly-released Data Breach Response...more

DFS Cyber Regulation: Part II – An Interview with Bay Dynamics’ Steven Grossman

This is the second installment in our interview with Steven Grossman, VP Strategy & Enablement at Bay Dynamics, the cyber risk analytics company. Here, Steven discusses the importance of aligning an institution’s risk...more

OCR Stresses Importance of Authentication in Newsletter

In a recent newsletter, the Office for Civil Rights (OCR) encourages health care organizations to review their procedures around authentication and “ensure that they have the appropriate safeguards in place.”...more

"Privacy & Cybersecurity Update - October 2016"

In this edition of our Privacy & Cybersecurity Update, we take a look at the FCC's new rules for broadband privacy, the FTC's new playbook for data breach response and notification, the NHTSA's voluntary guidance for...more

FTC Releases a Data Breach Response Guide For Business

by Snell & Wilmer on

Data breaches are fast becoming a fact of life. Experiencing a data breach is never a pleasant experience, regardless of how it happens – by accident, by criminal intent, or by system failure. Someone steals a company...more

122 Results
|
View per page
Page: of 5
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.