As Vermont joins the growing number of states with comprehensive consumer data privacy laws, it stands out from the crowd with the ability of Vermonters to bring a private right of action (PRA) against large data holders. In...more
5/20/2024
/ Consumer Information ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Information Technology ,
Popular ,
Private Right of Action ,
Proposed Legislation ,
Regulatory Agenda ,
Vermont
If they have not already, employers should take steps now to properly protect the personal information of their employees. The Eleventh Circuit Court of Appeals’ decision in Ramirez v. Paradies Shops, LLC clarifies that...more
8/29/2023
/ Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Management ,
Data Privacy ,
Data Protection ,
Employee Privacy Rights ,
Employer Liability Issues ,
Information Governance ,
Personal Data ,
Popular
In our last newsletter, we discussed due diligence as it relates to selection of vendors. The second part of that exercise is to negotiate your agreement with the vendor to properly manage any risks you identified. In this...more
5/16/2023
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Indemnification ,
Limitation of Liability Clause ,
Policies and Procedures ,
Popular ,
Risk Management ,
Service Agreements ,
Vendors
By now, you have heard many news stories about debilitating cyberattacks that started with the compromise of a vendor's systems and ultimately wreaked havoc on that vendor's customers. As a result, many businesses are seeking...more
As Burr & Forman's Cybersecurity and Data privacy team recognizes Data Privacy Day, we know no one wants to make the news as the latest victim of a cyber-attack, much less as the latest defendant in a lawsuit alleging your...more
COPPA, or the Children's Online Privacy Protection Rule, was designed to protect the privacy of children under 13 years of age by giving their parents certain tools to control how the child's information can and cannot be...more
11/11/2022
/ COPPA ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Federal Trade Commission (FTC) ,
Information Technology ,
Internet ,
Mobile Apps ,
Online Safety for Children ,
Parental Consent ,
Personally Identifiable Information ,
Website Owner Liability ,
Websites
Please see full Infographic for more information....more
It is hard to find a news post without a story on a ransomware attack. The National Security Council has issued an open letter warning all businesses to be alert and prepared for ransomware attacks. Various industry groups...more
6/22/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cyber Insurance ,
Cyberforensics ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Incident Response Plans ,
Information Technology ,
Policies and Procedures ,
Popular ,
Ransomware ,
Threat Management
Ransomware attacks have increased over the last several months, but the nation state attacks identified over the last several days are causing people to take a harder look at their systems and what they can do to protect...more
12/15/2020
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Personally Identifiable Information ,
Ransomware ,
Risk Management ,
SolarWinds ,
Vulnerability Assessments
Best Practices to Detect and Prevent File-Less and Click-Less Malware -
Hackers are clever at exploiting weaknesses in an organization’s systems. They are also efficient. After an organization installs robust cybersecurity...more
5/31/2018
/ Best Practices ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Hackers ,
Malware ,
New Legislation ,
NIST ,
Risk Mitigation ,
State Data Breach Notification Statutes
On March 28, 2018, Alabama adopted a data privacy law, the Alabama Data Breach Notification Actof 2018 (SB318). While Alabama is one of the last states to adopt such an act, the Act is notable in its requirements, and applies...more
4/12/2018
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
New Legislation ,
Notice Requirements ,
Personally Identifiable Information ,
Risk Management ,
State and Local Government ,
State Data Breach Notification Statutes
Cyber threats take many forms. The wide-spread WannaCry ransomware attack in May of 2017 highlighted how computer files could be held hostage in return for payment, while the Dyn denial of service in October of 2016...more
Starting on Friday, May 12th , computers in countries around the world have fallen victim to the latest ransomware attack. As of Monday morning, it is estimated that more than 150 countries have infected systems, totaling...more
5/16/2017
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Email ,
Hackers ,
Health Care Providers ,
Personally Identifiable Information ,
Phishing Scams ,
Ransomware ,
Risk Management
On October 6, 2015, the European Court of Justice (the European Union's highest court), struck down the US-EU Safe Harbor Agreement that previously provided companies to store personal data about Europeans on U.S. servers,...more
10/9/2015
/ Cybersecurity ,
Data Protection Authority ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Ireland ,
National Security ,
National Security Agency (NSA) ,
Personal Data ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework