Aravind Swaminathan

Aravind Swaminathan

Orrick, Herrington & Sutcliffe LLP

Contact
View Bio
RSS

Latest Posts › Data Breach

Share:

Two Years to Get Ready – GDPR Adopted

After 4 years of negotiation, today the European Parliament adopted the General Data Protection Regulation (“GDPR“). In doing so, it signaled the end of the EU approval process and put businesses on alert that they now have...more

4/15/2016  /  Data Breach , Data Privacy , Data Security , EU , EU Data Protection Laws , General Data Protection Regulation (GDPR) , International Data Transfers , Personal Data

Tennessee Amends Breach Notice Statute: Sets Notice Deadline, Eliminates Encryption Safe Harbor

Tennessee recently amended its data breach notification law, and in doing so, it has joined the ranks of states like Florida, Ohio, and Wisconsin that require notification to residents of a data breach within a defined time...more

4/4/2016  /  Amended Legislation , Corporate Counsel , Cyber Attacks , Data Breach , Data Protection , Encryption , Notification Requirements , Personally Identifiable Information , Risk Management

Germany Permits Consumer Protection Associations to File Class Actions for Violations of Data Protection Law

On December 17, 2015, the German Parliament passed a new act which permits consumer protection associations, industry and commerce chambers or other approved business associations to file privacy class actions. The law is...more

1/7/2016  /  Class Action , Data Breach , Data Privacy , Germany , Privacy Laws

FTC and Wyndham Call a Truce

Following the Third Circuit’s ruling upholding the FTC’s authority to regulate unfair and deceptive cybersecurity practices under Section 5 of the FTC Act, Wyndham Worldwide Corporation and the FTC have agreed to settle. ...more

12/21/2015  /  Cybersecurity , Data Breach , FTC Act , FTC v Wyndham , Personal Data , Section 5 , Settlement , Unfair or Deceptive Trade Practices

Notifying Parties In Username/Password Breaches . . . It’s Not Just the Law

As we head into the end of 2015, state legislators across the country continue to strengthen, update and, in some instances, broaden the scope of their respective state data breach notification laws. Specifically, many...more

10/1/2015  /  Bank Accounts , Breach Notification Rule , Credit Cards , Cyber Attacks , Cyber Crimes , Cybersecurity , Data Breach , Data Breach Plans , Data Protection , Data Security , Debit Cards , Hackers , Passwords , Personally Identifiable Information , Privacy Laws , Proposed Legislation , Social Security Numbers

Don't Wait for It; Recent HIPAA Enforcement Action Signal More to Come in Phase 2 Audits

Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more

9/21/2015  /  Breach Notification Rule , Cloud Computing , Corrective Actions , Covered Entities , Cybersecurity , Data Breach , Data Security , Department of Health and Human Services (HHS) , Electronic Medical Records , Enforcement Actions , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , Healthcare , HITECH Act , Hospitals , OCR , Personally Identifiable Information , PHI , Privacy Rule , Risk Assessment

Third Circuit to Wyndham (Part I): It's "Fair" that FTC Did Not Articulate Specific Cybersecurity Standards in Enforcement Action...

On Monday, the Third Circuit issued a highly anticipated opinion affirming the Federal Trade Commission's authority to regulate "unfair" cybersecurity practices under Section 5 of the FTC Act. In allowing the data breach...more

8/27/2015  /  Credit Cards , Cyber Attacks , Cyber Crimes , Cybersecurity , Data Breach , Data Protection , Data Security , Debit Cards , Enforcement Actions , Federal Trade Commission (FTC) , Fraudulent Charges , FTC v Wyndham , Hackers , Section 5 , Wyndham

New Guidance for Financial Institution Directors and Officers In Cybersecurity Preparedness

Earlier this summer, the Federal Financial Institutions Examination Council (FFIEC) released its highly anticipated Cybersecurity Assessment Tool (Assessment), which is designed to assist financial institutions in identifying...more

8/26/2015  /  ATMs , Banking Sector , Banks , Caremark claim , Cloud Computing , Compliance , Credit Cards , Cyber Attacks , Cyber Crimes , Cybersecurity , Data Breach , Data Protection , Data Security , Debit Cards , FFIEC , Financial Institutions , Hackers , Internet Service Providers (ISPs) , Mobile Payments , NCUA , NIST , OCC , Regulatory Standards , Risk Management

Does Free Credit Monitoring Do More "Harm" Than Good?

The Seventh Circuit reinstates the Neiman Marcus data breach class action lawsuit after finding that increased risk of future fraudulent charges and greater susceptibility to identify theft are sufficient for standing. ...more

8/3/2015  /  Article III , Class Action , Credit Monitoring , Cyber Attacks , Cybersecurity , Data Breach , Fraudulent Charges , Free Identity Theft Protection , Identity Theft , Neiman Marcus , Popular , Standing

Roadmap Offers Important Insights on How to Prepare for FTC Data Breach Investigations

On May 20, 2015, Federal Trade Commission Assistant Director Mark Eichorn of the Bureau of Consumer Protection’s Division of Privacy and Identity Protection (DPIP) offered an inside look into the FTC’s investigative process...more

5/28/2015  /  Assessment , Data Breach , Enforcement Actions , Federal Trade Commission (FTC) , Internal Investigations , Privacy Policy

April Brings Amendments to Washington and North Dakota Breach Notification Requirements

April saw amendments to Washington State's and North Dakota's breach notification statutes. In a prior Orrick Alert, we discussed some of the implications from the proposed data breach notification amendments in...more

5/22/2015  /  Attorney General , Breach Notification Rule , Data Breach , Gramm-Leach-Blilely Act , Health Insurance Portability and Accountability Act (HIPAA) , HITECH Act , Notification Requirements

Standing Your Ground: Supreme Court to Consider Standing Question Important in Data Breach Class Action Litigation

On April 27th, the United States Supreme Court granted certiorari in Spokeo, Inc. v. Robins, to consider a question critical to the viability of data breach class actions: standing. Since the Court’s most recent standing...more

4/29/2015  /  Article III , Clapper v. Amnesty International , Class Action , Data Breach , Fair Credit Reporting Act (FCRA) , SCOTUS , Split of Authority , Spokeo v Robins , Standing

Court Says Cyber Forensics Covered by Legal Privilege

The Middle District of Tennessee recently issued a key decision in the ongoing Genesco, Inc. v. Visa U.S.A., Inc. data breach litigation. The court denied discovery requests by Visa for analyses, reports, and communications...more

4/24/2015  /  Attorney-Client Privilege , Confidential Information , Cyberforensics , Cybersecurity , Data Breach , Discovery , e-Discovery , Popular , Risk Mitigation , Work-Product Doctrine
38 Results
 / 
View per page
« Previous
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide