Security and Privacy Controls

News & Analysis as of

The WSGR Data Advisor - November 2015

The last two months certainly have been eventful in the world of privacy. In this issue of The WSGR Data Advisor, we examine the Court of Justice of the European Union’s recent and highly significant Schrems decision that...more

How to prevent data theft from lost devices

Technology can be a blessing and a curse for attorneys. While technology enables attorneys to be able to conduct business on the go, it also puts client and firm data at risk. In the United States, someone loses a cellphone...more

FTC Administrative Law Judge Issues Initial Decision in LabMD Matter

In a stunning victory, an administrative law judge has recommended the dismissal of a long-pending US Federal Trade Commission (FTC) complaint against LabMD, Inc. (LabMD). In a strongly worded opinion in a case that had...more

FCC Enters Into First Consent Decree with a Cable Operator Over Privacy Breach

Demonstrating an increasing trend of actively pursuing non-traditional violations of its Customer Proprietary Network Information (“CPNI”) and data privacy rules, the FCC reached a settlement last week with Cox...more

"Intellectual Property and Technology News (Asia Pacific) - November 2015

Welcome to the latest Asia Pacific Edition of Intellectual Property and Technology News, our biannual publication designed to report on worldwide developments in intellectual property and technology law, offering perspective,...more

Senate passes Cybersecurity Information Sharing Act

After a long delay, with a vote of 74 to 21, the United States Senate passed the Cybersecurity Information Sharing Act (CISA) on October 27, 2015. The bill has been touted as being controversial and is opposed by...more

OCR Announces HIPAA Security Settlement with Cancer Care Group, P.C.

In September, 2015, OCR and HHS issued a press release announcing a Resolution Agreement with the Cancer Care Group, P.C., which included entry into the agreement, the adoption of a robust compliance plan, and the payment of...more

California Does It Again – Data Breach Notification Requirements

California adopted the first breach notification statute in the nation, and prides itself at being in the forefront of consumer privacy and security issues. On October 6, 2015, for the third time in the past three years,...more

There’s a New (Cybersecurity) Sheriff in Town: FTC vs. Wyndham

On August 24, 2015, the Third Circuit United States Court of Appeals issued its ruling in Federal Trade Commission v. Wyndham Worldwide Corporation. The case was highly anticipated by the data security community generally for...more

Everybody’s Talkin’ At Me: 5 Things Clients Should Be Talking About

E-discovery is complex, even for the most sophisticated corporations. A wrong turn or inadvertent misstep can send the case spiraling down quickly, not to mention what it can do to your budget. Here’s what we believe clients...more

Smart-TV now regulated under new California law

Californians are now protected from smart-TV eavesdropping under new law, Assembly Bill 1116, which requires that smart-TV manufacturers ensure that voice-recognition features will not be enabled without consumer consent, and...more

Pennsylvania Federal Court Finds Standing in Data Breach Class Action

The debate over standing in data breach litigation is gaining more attention lately. While many courts have hesitated to find standing prior to lost personally identifiable information (PII) actually being misused, the U.S....more

SEC Fines Investment Firm $75,000 for Failing to Adopt Written Cybersecurity Policies and Procedures

Investment firm R.T. Jones Capital Equities Management (R.T. Jones) has agreed to settle with the Securities and Exchange Commission (SEC) and pay a $75,000 penalty over charges that it failed to adopt written policies and...more

OCR Launches Interactive HIPAA Site for Mobile Health App Developers

On October 5, 2015, the Office for Civil Rights (OCR) announced the launch of a new platform for mobile health (mHealth) developers and others interested in the intersection of health information technology and HIPAA privacy...more

SEC Settles Charges Against Investment Firm that Failed to Adopt Cybersecurity Policies Before Data Breach

Recently, the SEC announced that R.T. Jones Capital Equities Management, a St. Louis-based investment adviser, agreed to settle charges that it failed to establish the required cybersecurity policies and procedures before a...more

OCIE Issues Cybersecurity Risk Alert and Exam Plans; Follows Up with Enforcement Action

The Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) recently released a Risk Alert containing its plan for a second round of cybersecurity examinations of registered...more

What's So Great About an Information Security Policy?

Lawyers and compliance professionals constantly tout the importance of internal information security policies, particularly in light of data privacy problems that are reported almost daily in the media. Admittedly, drafting...more

SEC Charges Investment Adviser with Failure to Adopt Proper Cybersecurity Policies and Procedures Prior to Cyberattack

On Tuesday, September 22, 2015, the SEC charged an investment adviser with failing to adopt a written policy and procedure reasonably designed to safeguard customer records and information. The charge spawned from a July 2013...more

SEC Enforcement Action Alleges an Adviser Failed to Adopt Adequate Cybersecurity Policies and Procedures; SEC Issues an Investor...

On September 22, 2015, the Securities and Exchange Commission (SEC) filed a settled administrative proceeding[1] alleging that a registered investment adviser failed to adopt cybersecurity procedures in violation of an SEC...more

10 Million Affected by Sophisticated Cyberattack

The latest major health insurance data breach of 2015 reported by Excellus BlueCross BlueShield is considered one of the top 20 worst reported breaches of a healthcare organization. The attack affected about 7 million...more

SEC Files Its First Cybersecurity Enforcement Action

Cybersecurity is one of the current hot topics of discussion. Regulators here and abroad have expressed concern regarding cybersecurity. Breaches are periodically reported in the media. Now the SEC has brought its first...more

New Round of SEC Cybersecurity Examinations of Financial Service Firms and Their Cyber Controls

The Office of Compliance Inspections and Examinations (the OCIE) has just published a new Risk Alert on cyber risks and precautions identifying specific areas it will be focusing on during the second round of examinations of...more

SEC Says No More Mr. Nice Guy on Investment Adviser Cybersecurity

Over the last couple years, the SEC’s cybersecurity bark has been worse than its bite. Its Office of Compliance, Inspections, and Examinations issued examination priorities in 2014. Commissioner Aguilar warned public...more

SEC OCIE Sharpens Focus on Cybersecurity

If you read one thing... - On September 15th, the SEC OCIE announced in a Risk Alert it will launch a second round of cybersecurity examinations of registered broker-dealers and investment advisers, which will be more...more

SEC Issues Cybersecurity Examination Risk Alert

On September 15, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert re-emphasizing the careful scrutiny it will give to the data security practices of...more

109 Results
View per page
Page: of 5

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.