Data Breach

News & Analysis as of

Data Security Breach at IRS Disrupts Taxpayers and Tax Professionals

The Internal Revenue Service (IRS) announced on Tuesday, May 26, 2015 that criminals had fraudulently obtained the tax returns and account information of more than 100,000 taxpayers. The criminals used this information to...more

Data Breach Insurance: Does Your Policy Have You Covered?

Recent developments in two closely watched cases suggest that companies that experience data breaches may not be able to get insurance coverage under standard commercial general liability (CGL) policies. CGLs typically...more

Will Your Cyber Insurance Respond When You Need It Most?

On May 7, Columbia Casualty Company, an insurance company, filed one of the first lawsuits by an insurer seeking to deny coverage for a privacy class action under a cyber insurance policy. Why is this significant? As the...more

Think You Know Your HIPAA-Related Obligations? Read the ONC’s New Privacy and Security Guide to Find Out

In 2013, we alerted you to the expansion of the definition of the term “business associate” under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Now, the Office of the National Coordinator for Health...more

Blog: CareFirst Discloses Data Breach

CareFirst, a Blue Cross Blue Shield plan serving the Washington D.C. metro area, became another in a line of health insurers to suffer a data breach as a result of hackers. CareFirst and the FBI are examining the breach...more

Target Data Breach Settlement

On November 30, 2013, I stopped at Target to purchase a birthday gift for my friends’ one-year-old daughter. Little did I know that I would be exposed to one of the largest data breaches in retail history. Fortunately, my...more

Data breach coverage denial upheld by Connecticut Supreme Court

In a 3 page per curiam decision issued this week, the Connecticut Supreme Court upheld a lower court’s decision holding in Recall Total Information Management, Inc., et. al v. Federal Insurance Company, that Federal Insurance...more

CareFirst announces breach of 1.1 million records in cyberattack

Following in the footsteps of Anthem and Premera, CareFirst, a Blue Cross Blue Shield plan servicing customers in Maryland, Washington, D.C. and Virginia announced yesterday that it too has been the victim of a...more

Hackers seek to access intellectual property assets of higher educational institutions

College and universities, like many other businesses and organizations, defend against millions of cyberattacks each day. Most recently, Penn State’s College of Engineering discovered a multi-year long cyberattack seeking...more

April Brings Amendments to Washington and North Dakota Breach Notification Requirements

April saw amendments to Washington State's and North Dakota's breach notification statutes. In a prior Orrick Alert, we discussed some of the implications from the proposed data breach notification amendments in...more

CareFirst Suffers Cyberattack, Data Breach of 1.1 Million Customers’ Information

BREAKING NEWS: Health insurer CareFirst BlueCross BlueShield disclosed today that hackers gained access to one of its databases, exposing personally identifiable information for approximately 1.1 million people....more

Connecticut Affirms Personal Injury Coverage for Data Breach Requires Actual Publication

As expected, the Connecticut Supreme Court has affirmed decisions by both the trial court and intermediate appellate court that personal injury liability coverage for a business’s data loss or theft requires publication as a...more

Guidance for Incident Response Plans  

Organizations are preparing for data incidents and breaches by developing, updating, implementing, and testing incident response plans. This article provides a checklist of key components of an incident response...more

Insurance Recovery Law - May 2015 #2

Recent Lawsuit Underscores Critical Lessons for Purchasers of Cyber Insurance - Why it matters: Columbia Casualty Company v. Cottage Health Systems was filed on May 7, 2015, in the Central District of California. Cottage...more

Nevada Broadens Definition of Personal Information for Purpose of Encryption and Breach Notices

On May 13, Nevada passed a new law (A.B. 179) expanding the definition of “personal information” to include a natural person’s first name or initial and last name in combination with: 1) medical and health insurance...more

District Court Dismisses Data Breach Class Action Against eBay

The US District Court for the Eastern District of Louisiana recently dismissed a data breach class action against eBay Inc. for lack of standing because the named plaintiff did not allege an actual injury, only the...more

Recent Lawsuit Underscores Critical Lessons for Purchasers of Cyber Insurance

Columbia Casualty Company v. Cottage Health Systems, No. 2:15-cv-03432, was filed on May 7, 2015 in the Central District of California. Cottage Health is one of the first cases nationwide—if not the first case—in which the...more

Privacy Laws in Asia - May 2015

Privacy legislation in Asia has been extremely active in the past few years, and the level of activity and enforcement does not show any signs of slowing down. Eleven jurisdictions in Asia now have comprehensive privacy laws:...more

CNA Denies Cyber Insurance Claim

Key takeaway: The insurance applications and underwriting questionnaires prepared in connection with cyber insurance do matter. Cyber security, and cyber insurance, have dominated the industry headlines for several...more

At least 90 class actions primed for consolidation relative to 2015 Anthem data breach

On February 4, 2015, health insurer Anthem disclosed a data breach affecting the personal and financial information of up to eighty million Anthem members throughout the United States. Beginning the very next day, class...more

Comingling of employee and patient data compromises employer’s HIPAA defense to employee’s claim of discharge for union activity

An administrative law judge (ALJ) of the National Labor Relations Board has concluded that a health care employer’s use of its medical records software to store employee contact information allowed an employee to access that...more

To Err Is Human; to Indemnify, Divine?: Human Foibles in the Cloud

BakerHostetler’s inaugural Data Security Incident Response Report (the “Report”) concluded that employee negligence and theft were two of the top five causes of data security incidents for the more than 200 incidents that we...more

North Dakota Focused on Privacy and Information Security; AG Wants to Know if You’ve Been Breached

Come August 1, North Dakota’s Attorney General will expect to hear from you if your company suffers a breach of computerized data affecting more than 250 persons. On April 13 North Dakota Governor Jack Dalrymple signed S....more

Connecticut Supreme Court Affirms No Coverage for Lost Tapes Absent Publication of Data

In Recall Total Information Mgmt., Inc. v. Federal Ins. Co., SC19201 (Conn. May 18, 2015), the Connecticut Supreme Court held that where there was no factual support that anyone ever actually accessed private information...more

Why Reputation Risk is Quickly Climbing the Ethics and Compliance Priority List, Part 3 | Beyond Compliance Training

So far in this series, we’ve discussed why companies are adopting a more public focus on ethics and compliance, how reputational risk can impact a company and its brand, and the first three elements of a five-part framework...more

1,180 Results
|
View per page
Page: of 48

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.
×