Security and Privacy Controls

News & Analysis as of

New York Attorney General Proposes Stiffer Data Security and Breach Notification Laws

New York State Attorney General Eric Schneiderman has proposed legislation that would make the state’s data security law the strongest in the country and require “unprecedented safeguards” for personal data....more

Administration Continues Weeklong Focus on Cyber Security and Privacy

The President is continuing to focus on cybersecurity and privacy issues and proposals in the buildup to his State of the Union address, underscoring the importance of addressing these matters and the increase in bipartisan...more

White House Proposes Series of New Cybersecurity Laws and Initiatives

“If we’re going to be connected, we’ve got to be protected.” With those words President Barack Obama unveiled new consumer privacy legislation and new cybersecurity and privacy partnerships between the federal government and...more

Indiana Attorney General Proposes Strengthening Online Privacy, Data Storage and Security Breach Laws

Indiana has become the latest state to propose more stringent privacy laws, potentially creating new compliance challenges for companies that do business in many different states....more

Indiana Joins States' Trend Toward Tougher Privacy and Data Protection

On December 22, 2014, Indiana became the latest state to propose legislation that will provide greater safeguards for personal and financial information online. The move in Indiana follows similar moves in California, New...more

A Quick Look at Healthcare Issues Expected to Make News in 2015

As we look into our crystal balls, we do not expect a lot of new issues in 2015. Rather, we believe that most of the significant issues will be a continuation of issues that arose in 2014 or earlier. ...more

California Strengthens Online Data Privacy And Security Laws

California has enacted three laws, two of which went into effect on January 1, 2015, designed to protect online data security and privacy for residents. The state has expanded its privacy and security laws by (i) requiring...more

Newly-Adopted Privacy Standards for Cloud Service Providers

The International Standards Organization’s new cloud standard, ISO 27018, strives to ensure that public cloud service providers (such as Amazon, Google, and Rackspace) “offer suitable information security controls to protect...more

Heartbleed SSL/TLS Vulnerability

"SSL" and "TLS" refer to the transport protocols that are used widely across the web to secure communications between end users and servers. Websites, web applications, online services, portals, and even some virtual private...more

Protection against Business and Legal Risks from the iPhone 5s Security Vulnerabilities

The iPhone 5s debuted with a list of new features designed to enhance its users’ experience. Among the list is Touch ID, a form of biometric security that allows users to lock and unlock their iPhone with their fingerprint....more

On the 11th Day of Privacy, class counsel served on me……

. . . a data breach class action. Hackers and plaintiffs’ lawyers could combine to make 2014 the year when class actions concerning theft of sensitive information proliferate. On this 11th Day of Privacy, we look...more

Advertising Law -- Jul 11, 2013

FTC to Search Engines: Make Ads Distinct - Eleven years after last issuing guidance to search engines about displaying paid search results, the Federal Trade Commission sent letters to dozens of companies, including...more

Unhack My Heart: FDA Issues Guidance To Mitigate Cybersecurity Threats In Medical Devices

A new guidance document from the FDA lists considerations and suggested steps to reduce the likelihood of cybersecurity breaches in medical devices....more

FCPA Enforcement As A Security Issue And Implications For The Compliance Practitioner

One of the things that has long puzzled me is what led to the significant rise in the enforcement of the Foreign Corrupt Practices Act (FCPA) beginning in the 2003-2004 time frame? ...more

New Cybersecurity Guidance Released by the National Institute of Standards and Technology: What You Need to Know for Your Business

The National Institute of Standards and Technology (“NIST”) has released the fourth revision of its standard-setting computer security guide, Special Publication 800-53 titled Security and Privacy Controls for Federal...more

Final HIPAA Regulations Impact Group Health Plans

The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) sets forth rules to protect the privacy and security of individuals’ health information that is held by “covered entities,” such as group health plans....more

OCR Scrutiny Continues – Are You Ready For the September Deadline?

On May 21, 2013, the U.S. Department of Health and Human Services (“HHS”) released details regarding a $400,000 settlement with Idaho State University (“ISU”) for alleged violations of the HIPAA Security Rule. The settlement...more

HIPAA Enforcement: Unleashing The Dogs

Prosecutors are a fun bunch and they love their jobs and their mission – to prosecute law-breakers for violating the law. ...more

Employers – Are You Updating Your HIPAA Documents?

The Department of Health and Human Services released final Health Insurance Portability and Accountability Act (HIPAA) privacy and security regulations on January 25, 2013. ...more

Data Breach - Your Organization Needs a Plan

The Privacy Rights Clearinghouse’s Chronology of Data Breaches lists 3,671 incidents affecting 607,295,463 records since 2005,1 including these three: - A worker steals customer records containing credit card, bank...more

That’s the Way the Consensus Crumbles: CISPA Splits Natural Allies in High-Tech

If there’s one thing Americans of all political stripes seem to agree on, it’s the need to thwart cyber-attacks on critical U.S. systems. Just this week, the Pentagon for the first time openly blamed China for hacking U.S....more

NIST Revamps Core Computer Security Guide

On April 30, the National Institute of Standards and Technology (NIST) published a substantially revised version of its Special Publication 800-53, “Security and Privacy Controls for Federal Information Systems and...more

It's 2013. Do You Know Where Your BYOD Policies Are?

Imagine you grab your phone only to find it locked, with all of your applications, pictures, and contacts permanently deleted. Imagine your employer's IT department remote-wiped your phone because they mistakenly believed it...more

OCR Publishes HIPAA Guides for Providers and Consumers

Understanding the complexities of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules is often a challenge for health care providers and consumers. Recognizing the widespread...more

Global Sourcing Group -- Spring 2013

Every year, we survey Morrison & Foerster’s Global Sourcing Group lawyers around the world to create a snapshot of the current state of the global outsourcing market and to identify emerging trends that are likely to shape...more

28 Results
|
View per page
Page: of 2