Security and Privacy Controls

News & Analysis as of

Heartbleed SSL/TLS Vulnerability

"SSL" and "TLS" refer to the transport protocols that are used widely across the web to secure communications between end users and servers. Websites, web applications, online services, portals, and even some virtual private...more

Protection against Business and Legal Risks from the iPhone 5s Security Vulnerabilities

The iPhone 5s debuted with a list of new features designed to enhance its users’ experience. Among the list is Touch ID, a form of biometric security that allows users to lock and unlock their iPhone with their fingerprint....more

On the 11th Day of Privacy, class counsel served on me……

. . . a data breach class action. Hackers and plaintiffs’ lawyers could combine to make 2014 the year when class actions concerning theft of sensitive information proliferate. On this 11th Day of Privacy, we look...more

Advertising Law -- Jul 11, 2013

FTC to Search Engines: Make Ads Distinct - Eleven years after last issuing guidance to search engines about displaying paid search results, the Federal Trade Commission sent letters to dozens of companies, including...more

Unhack My Heart: FDA Issues Guidance To Mitigate Cybersecurity Threats In Medical Devices

A new guidance document from the FDA lists considerations and suggested steps to reduce the likelihood of cybersecurity breaches in medical devices....more

FCPA Enforcement As A Security Issue And Implications For The Compliance Practitioner

One of the things that has long puzzled me is what led to the significant rise in the enforcement of the Foreign Corrupt Practices Act (FCPA) beginning in the 2003-2004 time frame? ...more

New Cybersecurity Guidance Released by the National Institute of Standards and Technology: What You Need to Know for Your Business

The National Institute of Standards and Technology (“NIST”) has released the fourth revision of its standard-setting computer security guide, Special Publication 800-53 titled Security and Privacy Controls for Federal...more

Final HIPAA Regulations Impact Group Health Plans

The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) sets forth rules to protect the privacy and security of individuals’ health information that is held by “covered entities,” such as group health plans....more

OCR Scrutiny Continues – Are You Ready For the September Deadline?

On May 21, 2013, the U.S. Department of Health and Human Services (“HHS”) released details regarding a $400,000 settlement with Idaho State University (“ISU”) for alleged violations of the HIPAA Security Rule. The settlement...more

HIPAA Enforcement: Unleashing The Dogs

Prosecutors are a fun bunch and they love their jobs and their mission – to prosecute law-breakers for violating the law. ...more

Employers – Are You Updating Your HIPAA Documents?

The Department of Health and Human Services released final Health Insurance Portability and Accountability Act (HIPAA) privacy and security regulations on January 25, 2013. ...more

Data Breach - Your Organization Needs a Plan

The Privacy Rights Clearinghouse’s Chronology of Data Breaches lists 3,671 incidents affecting 607,295,463 records since 2005,1 including these three: - A worker steals customer records containing credit card, bank...more

That’s the Way the Consensus Crumbles: CISPA Splits Natural Allies in High-Tech

If there’s one thing Americans of all political stripes seem to agree on, it’s the need to thwart cyber-attacks on critical U.S. systems. Just this week, the Pentagon for the first time openly blamed China for hacking U.S....more

NIST Revamps Core Computer Security Guide

On April 30, the National Institute of Standards and Technology (NIST) published a substantially revised version of its Special Publication 800-53, “Security and Privacy Controls for Federal Information Systems and...more

It's 2013. Do You Know Where Your BYOD Policies Are?

Imagine you grab your phone only to find it locked, with all of your applications, pictures, and contacts permanently deleted. Imagine your employer's IT department remote-wiped your phone because they mistakenly believed it...more

OCR Publishes HIPAA Guides for Providers and Consumers

Understanding the complexities of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules is often a challenge for health care providers and consumers. Recognizing the widespread...more

Global Sourcing Group -- Spring 2013

Every year, we survey Morrison & Foerster’s Global Sourcing Group lawyers around the world to create a snapshot of the current state of the global outsourcing market and to identify emerging trends that are likely to shape...more

FTC Seeks Input On Privacy, Security Implications Of Connected Consumer Devices

On April 17, the FTC requested input on the consumer privacy and security issues posed by the connectivity of consumer devices in advance of a public workshop to be held on November 21, 2013. The request notes that connected...more

Taking advantage of ADR in the entertainment industry - IP cases in the entertainment industry are great candidates for mediation...

As courts throughout the U.S. have become more and more backlogged with cases, and as the financial stakes in litigation have grown increasingly larger, so too has the need for quality alternative dispute resolution (ADR)...more

FTC Balances Privacy, Connectivity Needs

While “smart” devices provide a wealth of consumer benefits, they pose risks to privacy and security due to their ability to collect and share personal data. In response to the increasing use and capabilities of smart...more

NIST Seeking Comments on Revised Standards for FISMA Compliance

On February 6, 2013, the National Institute of Standards and Technology (NIST) requested public comment on its latest revised draft of “Security and Privacy Controls for Federal Information Systems and Organizations,”...more

21 Results
|
View per page
Page: of 1