News & Analysis as of

Settlement Data Security

Gone Phishin’: Hack Leads to HIPAA Settlement

Earlier this week, the HHS Office for Civil Rights (“OCR”) announced a $400,000 settlement with Metro Community Provider Network (“MCPN”) related to a 2012 HIPAA breach caused by a phishing scam. The phishing scam, carried...more

Recent HIPAA Privacy and Security Settlements and Lessons Learned

by Perkins Coie on

Although the fate of the Affordable Care Act remains undecided, enforcement of the HIPAA privacy and security regulations by the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services is ongoing,...more

Consumer Financial Services Law - March 30, 2017

Industry Groups Respond on Consumer Access to Financial Records - Financial industry groups responded to the Consumer Financial Protection Bureau's (CFPB) request for information on consumer access to their financial...more

The 2017 Carlton Fields Class Action Survey

by Carlton Fields on

The 2017 Carlton Fields Class Action Survey has just been released, and the findings reveal some unexpected trends in class action litigation, based on insights provided by 387 general counsels and chief legal officers at...more

Mapco Express pays $1.9 Million in Data Breach Settlement

A Tennessee federal judge has approved a proposed settlement of up to $1.9 million to be paid by Mapco Express to individuals affected by a payment card data breach that occurred in 2013. Two banks alleged that Mapco...more

Affair Website Ashley Madison Fined $8.75 Million Over Data Breach, Misrepresentations

by Ballard Spahr LLP on

The Federal Trade Commission (FTC) has entered into a multimillion dollar settlement with the owners and operators of AshleyMadison.com, a dating website for people interested in having discreet affairs, related to the...more

Business Associates Beware! OCR Means Business

by Bryan Cave on

In June 2016, OCR entered into its first settlement agreement with a business associate, Catholic Health Care Services of the Archdiocese of Philadelphia (“CHCS”), for potential violations of the HIPAA Laws by failing to...more

Latest Data Breach Settlement Illustrates Need for Companies to Prioritize Cybersecurity

by BakerHostetler on

On Aug. 5, 2016, the New York attorney general, Eric Schneiderman, announced a $100,000 settlement with an e-retailer following an investigation of a data breach that resulted in the potential exposure of more than 25,000...more

New York A.G. Announces $100k Settlement Over Data Breach

by King & Spalding on

On August 5, New York Attorney General Eric T. Schneiderman announced a settlement with Provision Supply, LLC d/b/a EZcontactsUSA.com, imposing $100,000 in penalties and ongoing obligations to maintain certain security...more

$2.75 Million OCR Settlement Underscores the Importance of Risk Management and Analysis

by BakerHostetler on

How the theft of a single password-protected laptop turned into an enterprise-wide review of an organization’s data protection practices. Following the announcement of a recent settlement between the U.S. Department of...more

Record-Breaking HIPAA Settlement Sends Strong Message to Covered Entities

This month marked the largest HIPAA settlement to-date for a single entity. Advocate Health Care Network (“Advocate”) agreed to pay $5.5 million and adopt a corrective action plan after an investigation by the Department of...more

Largest HIPAA Settlement Announced Against A Single Entity: $5.55 Million

by Saul Ewing LLP on

On August, 4, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced that Advocate Health Care Network (Advocate) agreed to pay a settlement amount of $5.55 million and adopt a...more

Largest Health & Human Services HIPAA Settlement Wake-Up Call for Covered Entities to Evaluate and Mitigate Risks

On Thursday, August 4, 2016, the U.S. Department of Health & Human Services, Office of Civil Rights (OCR) announced the largest settlement ever with a single entity for multiple potential Health Insurance Portability and...more

The Cost of Noncompliance: LifeLock Continues to Pay

by McGuireWoods LLP on

LifeLock, Inc. made headlines in December 2015 when it finalized a $100 million settlement with the Federal Trade Commission—the largest monetary award ever in an FTC order enforcement action. As reported by McGuireWoods’...more

OCR Kicks Off HIPAA Audits After Issuing Two Major Settlements

On March 21, 2016, the HHS Office for Civil Rights (OCR) launched phase two of its much-anticipated audit program for covered entities and business associates. The announcement comes in the wake of OCR's issuance of two major...more

Wyndham Settles with FTC

by Cozen O'Connor on

Last month, Wyndham Worldwide Corp. settled its lengthy civil case with the Federal Trade Commission. The suit began in 2012, when the FTC sued Wyndham and three of its subsidiaries, alleging three data breaches between 2008...more

FTC and Wyndham Settle Suit Regarding Wyndham's Alleged Cybersecurity Failures

by White & Case LLP on

On December 9, 2015, the Federal Trade Commission (the "FTC") and Wyndham Worldwide Corporation (and three additional Wyndham entities, collectively, "Wyndham") filed a stipulated order ("Stipulated Order") settling their...more

LifeLock And FTC Agree To $100 Million Settlement For Alleged Violation Of Prior Injunction Regarding LifeLock’s Data Security...

by King & Spalding on

On December 17, 2015, the Federal Trade Commission (“FTC” or “Commission”) and LifeLock, Inc. (“LifeLock”) announced the largest monetary award obtained by the Commission in an order enforcement action. The settlement...more

Information Security and Privacy News: Critical Cybersecurity Policies and Practices After the Settlement Order in FTC v. Wyndham...

by Murtha Cullina on

Companies are threatened daily by attacks that expose customer credit card and other information stored on company servers, personal computers and other devices. It is, therefore, critical that companies do these three...more

Wyndham Agrees to Settle FTC Data Security Case

by Kelley Drye & Warren LLP on

After four years of litigation, this past Wednesday, Wyndham Worldwide Corporation and three of its subsidiaries (collectively, “Wyndham”) settled the Federal Trade Commission’s (“FTC”) allegations that the global...more

Long and Wyndham Road: The Federal Trade Commission Extends Section 5 Unfairness to Regulate Data Security

In a surprising development, Wyndham Worldwide Corporation settled a long running dispute last week with the Federal Trade Commission that arose from three data breaches Wyndham suffered between 2008-2010. After an...more

Wyndham and FTC Settle Case Over “Unfair” Data Security Practices

The years-long saga of the Federal Trade Commission’s suit against Wyndham Hotels over data breaches that occurred at least as early as April 2008 is finally coming to an end with a proposed settlement filed today with the...more

6 Questions PE Sponsors Must Ask About Their GPL Policies

Private equity fund sponsors are facing increased litigation risk from regulators and private parties, including limited partners and stakeholders in portfolio companies. As a result, private equity firms should re-examine...more

Wyndham and FTC Settle Data Breach Lawsuit: Implications

On December 9, 2015, Wyndham and the FTC settled the enforcement action brought by the FTC that had led to a significant decision by the Third Circuit in August of this year. While the details of the settlement are...more

Target Agrees to $39 Million Settlement with Credit Card Issuers’ Data Breach Claims

by Reed Smith on

Still recovering from its 2013 data breach, Target Corp. agreed to a $39 million settlement with a class of banks suing the well-known retailer, marking the settlement as the first class-wide data breach pact ever reached on...more

37 Results
|
View per page
Page: of 2
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
Feedback? Tell us what you think of the new jdsupra.com!