News & Analysis as of

Breach Notification Rule

Reminder: Notice of 2017 small HIPAA breaches due to HHS soon

by Bricker & Eckler LLP on

The deadline to submit notice to the Department of Health and Human Services (HHS) of small HIPAA breaches (those that affected fewer than 500 individuals) discovered in calendar year 2017 is March 1, 2018....more

100(ish) Days Until GDPR

by Workman Nydegger on

In a little more than 100 days, a sweeping regulation known as the General Data Protection Regulation (GDPR) will go into effect across the European Union. The purpose of the GDPR is to update and modernize the scope of...more

New Delaware Breach Notification Law Will Require Diligent Preparation and Education

by Morris James LLP on

On August 17, 2017, Delaware Governor John Carney signed into law HB 180, completing an update to a nearly 12-year old breach notification statute that had little teeth, and no enforcement. The new law, which applies to “Any...more

January 2018: Cybersecurity and Privacy Law: What Is the European General Data Protection Regulation and What Does It Mean for...

Background - A new data protection framework, the General Data Protection Regulation (“GDPR”), goes into effect in the European Union on May 25, 2018, replacing the Data Protection Directive 95/46/EC (“Directive”). See...more

Full Quilt: The Final Two States Without Data Breach Laws Push Forward to Complete the Patchwork Protecting Personal Information...

by Reed Smith on

There are currently only two U.S. states that do not have a state data breach notification law: South Dakota and Alabama. Recently, South Dakota took a big step toward approving a data breach notification law. ...more

“Legally Reprehensible”: Senate Chastises Uber’s Conduct in 2016 Data Breach

On Tuesday, a Senate subcommittee grilled Uber’s Chief Information Security Officer, John Flynn, over a 2016 data breach that affected nearly 57 million drivers and riders. At the hearing, Uber faced backlash from lawmakers...more

Massachusetts Attorney General Announces New Data Breach Reporting Tool and Database

by Reed Smith on

Massachusetts Attorney General (AG) Maura Healey has announced that the state will offer an online portal where businesses can more easily report that they have experienced a data breach. Massachusetts will also offer...more

South Dakota Moves Forward With State’s First Data Breach Law

by King & Spalding on

On January 25, 2018, the South Dakota Senate approved the state’s first data breach notification law. If passed, the law would leave Alabama as the only U.S. state without a notification law. The proposed law will now move to...more

The European Union General Data Protection Regulation (GDPR): An Introduction

by Ladas & Parry LLP on

The European Union (EU) General Data Protection Regulation (GDPR 2016/679) will take effect on May 25, 2018. This regulation provides general guidance on what is needed for compliance, however many policies and procedures are...more

South Dakota May Become 49th State To Pass A Data Breach Notification Law

by Jackson Lewis P.C. on

Only two states in the United States lack data breach notification statutes, but that may change in 2018. If legislation pending in South Dakota passes, Alabama would be the only state without a data breach notification law....more

Arizona Legislature Considers Strengthening Data Breach Notification Law

by Ballard Spahr LLP on

The Arizona State Legislature is considering proposed legislation that, if enacted, would significantly change the requirements for how Arizona entities respond to data breaches....more

Surprise – EU Data Privacy Laws Could Impact You, Too!

by Bracewell LLP on

On May 25, 2018, the European Union’s data privacy regime is getting an upgrade and like many operating system upgrades, the EU’s new approach (the General Data Protection Regulation, or GDPR) is designed to improve...more

North Carolina AG Proposes Stronger Breach Notification And Personal Information Safeguard Requirements

by Jackson Lewis P.C. on

Citing to estimates in 2017 “more than 5.3 million North Carolinians were … affected by a data breach,” Attorney General Josh Stein and Rep. Jason Saine announced on January 8 proposed legislation aimed at protecting state...more

Lessons Learned from Recent OCR HIPAA Audits

Covered entities, including employer sponsored health plans, should brace for audits and enforcement of the Privacy, Security, and Breach Notification rules by the Department of Health & Human Service Office of Civil Rights...more

New Year, New Data Protection Law: Is Your Company Ready for the GDPR?

by Ward and Smith, P.A. on

The countdown has officially begun. On May 25, 2018, the European Union's ("EU") General Data Protection Regulation ("GDPR"), a sweeping data privacy and security regulation resulting from years of regulatory and political...more

WannaComply? OCR’s Application Of HIPAA’s Breach Notification Rule To Ransomware Attacks

by Ellis & Winters LLP on

Organizations worldwide are facing a new cybersecurity plague: ransomware attacks such as the recent, widely publicized, and global WannaCry[2] and Petya[3] outbreaks. In the typical case, after users click on a malicious...more

Cybersecurity and data protection laws are evolving across Asia

by DLA Piper on

Cybersecurity and data protection laws are changing rapidly across Asia, and companies wishing to avoid losing their business operations in key countries are taking note....more

Proposed Law Would Criminalize Failures to Report Data Breaches

A draft bill recently introduced in the U.S. Senate serves as a good reminder that compliance with data breach reporting requirements is critical. This bill follows significant, high-profile data breaches by Uber and Equifax,...more

Senators Re-Introduce Bill Requiring 30-Day Notification of Company Data Breaches

As we near the end of a year that has seen more than its share of massive data breaches, two bills have been introduced (one re-introduced) in the U.S. Senate....more

Senate Bill Introduced To Protect Personally Identifiable Information

by Jackson Lewis P.C. on

Primarily motivated by the several recent massive data breaches, Senate Democrats recently introduced a bill geared toward protecting Americans’ personal information against cyber attacks and to ensure timely notification and...more

eDiscovery and the GDPR: Ready or Not, Here it Comes, Part Two: eDiscovery Best Practices

by CloudNine on

...The first and overriding concept to be understood in dealing with the GDPR is how the regulation defines personal and sensitive data and then to determine how those definitions relate to data held by your organization....more

Bill Proposes Jail Time for Executives Who Conceal Data Breaches

by Alston & Bird on

On November 30, 2017, a group of U.S. senators re-introduced a bill, known as the Data Security and Breach Notification Act, which seeks to impose criminal liability of up to five years of jail time on any corporate executive...more

GDPR Breach Notification Checklist

by Womble Bond Dickinson on

U.S. companies now have to consider breach notification requirements under the GDPR in addition to data breach notification laws in the U.S. (enacted by 48 states and numerous regulators). Follow our chart to determine if...more

How Employers Can Become Experts at Data Breaches: HR service providers

by Bryan Cave on

A large portion of the data breaches that occur each year involve human resource related issues. This includes situations in which HR data was lost, employees were inadvertently responsible for the loss of information about...more

Clinical trials Part II: Privacy, cybersecurity risks, and managing ePHI

by Thompson Coburn LLP on

The ongoing digitization of the drug and medical device industries continues, and, as a result, new considerations have come to the forefront for companies engaged in clinical trials. In Part 1 of this series, we described a...more

555 Results
|
View per page
Page: of 23
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.