Medical Device Legal News with Sam Bernstein: Episode 10
Drafting Consumer Breach Notices — From a Litigation Perspective - Unauthorized Access Podcast
IP|Trend: Dust up After the Breach
Hot Topics Roundtable for Fund Managers - Cybersecurity, Valuation, and More
The New York State Department of Financial Services (NYDFS) and the Attorney General’s office have recently imposed significant fines totalling $11.3 million on Geico and Travelers for data breaches that compromised the...more
New York’s Cybersecurity Regulation continues its phased roll-out on November 1, when licensed financial services companies face a host of new requirements aimed at bolstering breach readiness and improving their ability to...more
The HHS Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying 946,801 people whose protected health information or other personally identifiable information...more
Cyber incidents have been growing at an exponential rate in recent years. A recent report from the Identity Theft Resource Center found that there were over one billion data breach victims in Q2 of 2024, which is around five...more
Share on Twitter Print Share by Email Share Back to top “The basic idea for covered firms is if you’ve got a breach, then you’ve got to notify. That’s good for investors.” Those were among the remarks that U.S. Securities and...more
On May 16, 2024, the SEC amended Regulation S-P to impose new data privacy and security requirements on broker-dealers, registered investment advisers, investment companies (whether or not they are registered with the SEC),...more
Organizations typically deal with ransomware attacks out of the public eye, but the massive scale of United Healthcare Group’s (UHG) February breach made that an impossibility. UHG CEO Andrew Witty was recently on the hot...more
At the recent In-House Counsel Seminar, three Ward and Smith attorneys presented a realistic role play response to an incidence of wire fraud, addressing red flags associated with fraudulent communications, corporate incident...more
The FCC has significantly expanded telecommunications carriers’ data breach notification and reporting obligations. Telecommunications carriers, including Voice over Internet Protocol (VoIP) services, and telecommunications...more
For many, responding to an incident feels chaotic — questions swirling, uncertainties piling up, and no clear direction. Even when prepared with a well-rehearsed incident response plan, a data security incident places a...more
The Federal Trade Commission has issued new guidance under which consumers or companies should be notified of data breaches “regardless of whether a breach notification law applies.” Our Consumer Protection/FTC Team analyzes...more
Efforts to secure systems and data from a cyberattack often focus on measures such as multifactor authentication (MFA), endpoint monitoring solutions, antivirus protections, and role-based access management controls, and for...more
It’s been a busy 2021 legislative session for changes to data breach laws, and that means it is time to review and update your incident response plans. Several states have shortened data breach notification timelines or...more
This 10-step guide will walk you through the upcoming changes to the Personal Information Protection and Electronic Documents Act (PIPEDA), the factors to consider in being prepared under PIPEDA and other related...more
In today’s world of mandatory breach notification, individuals get prompt notification of an incident that may compromise their personal information. Mandatory breach notification has been part of Alberta’s private sector...more
The security breach announced by Equifax Inc. on September 7, 2017, grabbed headlines around the world as Equifax revealed that personal data of roughly 143 million consumers in the United States and certain UK and Canadian...more
Equifax, the international credit reporting agency, confirmed that a data breach exposed the personal information of approximately 143 million U.S. consumers. The breach occurred from May through July of this year. Breached...more
On January 3, the Office of Management and Budget (OMB) issued Memorandum M-17-12, which clarifies how federal agencies should prepare for and respond to data security breaches involving personally identifiable information...more
On October 25, 2016, the Federal Trade Commission (FTC) released its nonbinding “Data Breach Response” guide with an accompanying blog post and video, all directed to help businesses prepare a data breach response plan. The...more
In this edition of our Privacy & Cybersecurity Update, we take a look at the FCC's new rules for broadband privacy, the FTC's new playbook for data breach response and notification, the NHTSA's voluntary guidance for...more
Data breaches are fast becoming a fact of life. Experiencing a data breach is never a pleasant experience, regardless of how it happens – by accident, by criminal intent, or by system failure. Someone steals a company...more
On October 25, the Federal Trade Commission (FTC) released new guidance for businesses that outlines recommended actions to take when facing a data breach. This data breach response guide (Guide) follows the FTC's prior...more
The spring legislative sessions this year brought a now-familiar round of revisions to data breach notification laws, with states broadening their laws in often divergent ways. This year, Illinois, Nebraska, and Tennessee...more
If you have had to provide data breach notices across any number of states (and who hasn’t….), you would know that they vary widely in how those notices must be provided to state regulators. In some states (for example,...more
In September 2015, a U.S. Department of Health and Human Services (HHS), Office of the Inspector General (OIG), report found that the Office of Civil Rights (OCR), the agency charged with ensuring compliance with the Health...more