Last week, the White House issued a new Executive Order (the “EO” or “Order”) on cybersecurity. The EO responds to ever-increasing malicious cyber campaigns threatening the public and private sectors and the American people’s...more
On April 4, 2020, Interpol issued a warning to hospitals and healthcare companies at the forefront of the COVID-19 pandemic that cybercriminals are targeting them with ransomware attacks. Cybercriminals are using ransomware...more
4/9/2020
/ Coronavirus/COVID-19 ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Hackers ,
Health Care Providers ,
Hospitals ,
INTERPOL ,
Ransomware
With the efforts at reducing the rates of transmission created by the COVID-19 pandemic, where they are able, many employers are migrating to telecommuting and remote access options. With the increase in remote access to...more
On Wednesday, December 12, 2018, Senator Brian Schatz (D-HI), Ranking Member of the Communications, Technology, Innovation, and the Internet Subcommittee, introduced The Data Care Act of 2018. The bill, which is co-sponsored...more
12/14/2018
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Use Policies ,
Duty of Care ,
Duty of Confidentiality ,
Duty of Loyalty ,
Federal Trade Commission (FTC) ,
Internet Service Providers (ISPs) ,
Mobile Apps ,
Online Platforms ,
Personal Data ,
Privacy Laws ,
Proposed Legislation ,
Technology Sector ,
Websites
In a landmark decision with far-reaching implication, the Pennsylvania Supreme Court recently held that employers have an affirmative duty to protect their employees’ personal information from criminal hacking. In particular,...more
12/3/2018
/ Appeals ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Duty to Protect ,
Economic Damages ,
Economic Loss Doctrine ,
Employer Liability Issues ,
Hackers ,
Negligence ,
PA Supreme Court ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Reasonable Care ,
Remand ,
Reversal
Last week, the Department of Justice (DOJ) issued the first report of its Cyber-Digital Task Force. The Task Force, which is comprised of several long-time DOJ officials, was tasked with distilling how the DOJ responds to...more
Snell & Wilmer’s Breach Response Team regularly guides clients through all phases of data breach and cyber incident response, including leading internal investigations related to data breaches and cyber incidents in...more
6/7/2018
/ Corporate Counsel ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Hackers ,
Notification Requirements ,
Personally Identifiable Information ,
State Data Breach Notification Statutes ,
Young Lawyers
This Friday is the deadline for General Data Protection Regulation (“GDPR”), yet many companies are still in the process of planning for compliance. Companies not able to meet the deadline may want to consider,...more
5/23/2018
/ Breach Notification Rule ,
Cybersecurity ,
Data Processors ,
Data Protection ,
Data Protection Officers (DPOs) ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Information Governance ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Risk Management
On March 21, 2018, South Dakota became the 49th state to enact a breach notification law, leaving Alabama as the sole U.S. state without one. The South Dakota law will take effect on July 1, 2018. Here is a summary of several...more
On September 15, 2017, the FTC released its eighth “Stick with Security” principle, which offers advice that individuals and organizations should consider when hiring others to process sensitive data. A few tips for making...more
On September 8, 2017, the FTC released its seventh “Stick with Security” principle, which offered guidance regarding how companies incorporate security by design to prevent or minimize threats in the following ways...more
On September 1, 2017, the FTC released its sixth “Stick with Security” principle, which highlighted the steps businesses can take to ensure that “outside entryways” into network systems are secure. Securing remote access to a...more
On August 25, 2017, the FTC released its fifth “Stick with Security” principal, which focused on how companies can protect their virtual “entrances and exits” and make life harder for hackers.
The FTC believes that the...more
On August 18, 2017, the FTC released its fourth “Stick with Security” principle, which explained the importance of keeping confidential data only when needed, and securely storing the data when it must be kept. To that end,...more
On August 11, 2017, the FTC released its third “Stick with Security” principle, which touched on the necessity of strong authentication practices. Secure passwords and fortified authentication practices make it that much...more
On August 4, 2017, the FTC released its second “Stick with Security” principle, which addressed the next step a company should take after it has identified confidential data in its possession and determined what information...more
Companies that have experienced data breaches or security hacks have subsequently found themselves the subject of enforcement actions by the Federal Trade Commission (“FTC”) for violating the FTC Act, due to inadequate...more
On August 31st and September 7th, 2016, the Federal Trade Commission (FTC) provided guidance regarding cybersecurity standards, which companies should consider when assessing their current data security posture....more
9/12/2016
/ Cyber Attacks ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Data Security ,
Executive Orders ,
Federal Trade Commission (FTC) ,
Hackers ,
NIST ,
Obama Administration ,
Presidential Directives ,
Ransomware ,
Risk Management