In order to provide legal advice to clients in the aftermath of a hacking, lawyers must rely on digital forensics investigators to understand the nature and scope of the breach. Corporations also use this type of information...more
Q: The FDA’s stance on a regulatory framework for artificial intelligence and machine learning (AI/ML) software as a medical device is continuously evolving. Could you explain the history? A: Artificial intelligence (AI) is...more
2/5/2021
/ Artificial Intelligence ,
Cybersecurity ,
Food and Drug Administration (FDA) ,
Health Care Providers ,
Machine Learning ,
Manufacturers ,
Medical Devices ,
Medical Software ,
Personal Data ,
Popular ,
Preemption ,
Software Developers
Yesterday officials from the FBI, U.S. Department of Homeland Security, and Cybersecurity and Infrastructure Security Agency issued a joint alert that the agencies possessed “credible information of an increased and imminent...more
October marks the seventeenth annual National Cybersecurity Awareness month in the United States and provides an opportune moment to take stock of an extraordinary year. The past year has seen a rise in high-profile data...more
Ransomware attacks – cyber attacks in which the hackers encrypt and disable an organization’s computers and demand a ransom to provide the decryption key – continue to hit organizations throughout the country. Perhaps even...more
The European Court of Justice (ECJ) struck down the Privacy Shield – the legal mechanism that allowed many small and medium sized companies to transfer personal data from the European Union to the United States without...more
Just as the terrorist attacks of September 11, 2001 fundamentally changed our approach to national security, the COVID-19 pandemic of 2020 will fundamentally alter our approach to public health. September 11th caused us to...more
In the middle of a pandemic that has upended the food and beverage industry – causing surging demand for some products and devastating others – the last thing anyone wants to deal with is a new regulatory regime. However, the...more
The California Attorney General will soon begin to fully implement the California Consumer Privacy Act of 2018 (“CCPA”), the most comprehensive privacy law in the United States. The CCPA grants California residents new...more
The security and confidentiality of a company’s data is paramount. As businesses grapple with the COVID-19 pandemic and the need for employees to work remotely, it is important to remain focused on ensuring the security and...more
Earlier this month the Stop Hacks and Improve Electronic Data Security Act (“SHIELD Act") went into effect. The law, which was signed in July of last year by Governor Andrew Cuomo, makes several important changes to New...more
Organizations across the United States are preparing to respond to increasingly dire warnings from public health authorities and the need to take action to mitigate the spread of the coronavirus and the disease it causes,...more
3/17/2020
/ Coronavirus/COVID-19 ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Emergency Response ,
Networks ,
Popular ,
Privacy Laws ,
Remote Working ,
Risk Management ,
State of Emergency ,
Telecommuting ,
Virtual Private Networks
Q: How is the shift of medical devices moving to the Internet of Things affecting the health care industry?
A: Connected medical devices routinely record sensitive health information about a patient. This critical...more
11/26/2019
/ Cybersecurity ,
Data Collection ,
Hackers ,
Health Care Providers ,
Internet of Things ,
Medical Devices ,
PHI ,
Professional Liability ,
Risk Management ,
Security and Privacy Controls ,
Third-Party Liability
The California Consumer Privacy Act of 2018 (“CCPA”), the most comprehensive privacy law in the United States, is scheduled to take effect on January 1, 2020. Though the CCPA protections only apply to California residents, it...more
On April 11, 2019, significant revisions to Massachusetts’ data breach law – Chapter 93H – take effect. The revised statute requires more detailed notifications to both the Commonwealth and affected consumers, and mandates...more
Q: Who in a company is vital for cybersecurity management?
Seth Berman: Cybersecurity is everyone’s responsibility. The board and senior management must set the priorities and shape the culture, but even the lowest-level...more
The Supreme Court announced a major decision interpreting the Fourth Amendment for the digital age in Carpenter v. United States. The case is a significant win for privacy advocates and a sea change in the Court’s...more
6/28/2018
/ Carpenter v US ,
Cell Phones ,
Cell Site Location Information (CSLI) ,
Criminal Convictions ,
Electronic Records ,
Electronically Stored Information ,
Exigent Circumstances ,
Fourth Amendment ,
Geolocation ,
Location Data ,
Probable Cause ,
Reasonable Expectation of Privacy ,
Remand ,
Reversal ,
SCOTUS ,
Third-Party ,
Warrantless Searches
Happy GDPR Eve! Tomorrow is the effective date of Europe’s extensive, new and much talked about regulation, the General Data Protection Regulation (GDPR). GDPR is an ambitious regulatory framework that seeks to rebalance the...more
“Where was the Board?” is asked every time a major hacking causes yet another data breach. Data breaches and ransomware attacks occur every day, with massive impacts on companies’ finances, market value, and reputation. In...more
Tom Curry, a partner in Nutter’s Corporate and Transactions Department and a co-leader of the firm’s Banking and Financial Services Group, and Seth Berman, a partner and leader of Nutter’s Privacy and Data Security practice...more
The first week of January 2018 brought disturbing news on the cyber security front – and for once it was not the result of corporate ineptitude or poorly designed software. Actually, it was far worse. Independent security...more
The near-daily reports of massive hacking incidents continue to demonstrate a shocking level of corporate incompetence. In September, we learned of the Equifax breach, which was breathtaking both in its scope and in Equifax’s...more
Seth Berman, a partner in Nutter’s Litigation Department and a leader of the firm’s Privacy and Data Security practice group, analyzed the intersection of cybersecurity and human resources in Nutter Insights. Seth outlined...more
Seth Berman, a partner in Nutter’s Litigation Department and a leader of the firm’s Privacy and Data Security practice group, addressed upcoming GDPR compliance standards in Nutter Insights. Seth discussed how broadly the...more
The U.S. Department of Homeland Security named October “National Cyber Security Awareness Month,” and has given it the not-so catchy acronym of NCSAM. Though one might quibble with the choice of name, the many spectacular...more