The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
Protecting Our Nation’s Data: Cybersecurity Compliance for Government Contractors
SEC’s New Cyber Rules for Publicly Traded Companies — The Consumer Finance Podcast
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Episode 293 -- Catching Up with California and Other State Privacy Laws
How to Fix the Cyber Incident Reporting Mess--DHS Weighs In
Regulatory Phishing Podcast - The Impact of Cybersecurity Compliance on Corporate Transactions
The Justice Insiders Podcast: Incidents in the Material World: SEC Adopts New Cybersecurity Rules
Episode 288 -- SEC Adopts Robust New Cybersecurity Disclosure Rules
2023 DSIR Report Deeper Dive into the Data
Cybersecurity Threats Facing Food and Agribusiness Companies & the Preparation and Protection Safeguards to Help Mitigate Them
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
2022 DSIR Report Deeper Dive: FTC
2022 DSIR Deeper Dive: Vendor Incidents
Unauthorized Access: An Inside Look at Incident Response
The State of Cyber: Breaking Down Recent Rules and Regulations
Mandatory Cyber Incident Reporting: Pros, Cons, and Next Steps
Cyberside Chats: Preserving Legal Privilege After a Cybersecurity Incident
Debra Geroux and Scott Wrobel on Responding to Data Breaches
On February 14, the Governor of New York signed into law SB 804 (the “Act”), which amends the general business law concerning when and how notifications for data breaches are provided to the New York Department of Financial...more
India just released a landmark draft of new rules to refine and implement the Digital Personal Data Protection Act (DPDP Act) – which is India’s first comprehensive data privacy legislation regulating digital personal data...more
With the onslaught of new privacy, AI and cyber legislation coupled with promises for enforcement and class action litigation, running a well-functioning and flexible privacy and cyber program is increasingly a critical...more
As part of our Cybersecurity Awareness Month program of events, we hosted our inaugural Cybersecurity Forum on October 1 at our London office and online. Compèred by Ffion Flockhart, global head of cybersecurity, the day’s...more
Let’s review for a moment. It’s not a HIPAA violation to be a victim of ransomware. It’s not a HIPAA violation to pay a ransom. It’s up to the covered entity (CE) to determine if a security or privacy incident is a...more
Pennsylvania-based Geisinger Health System said it experienced a breach impacting more than 1.27 million patients when a former employee of vendor Nuance Communications Inc., a Microsoft Corp. subsidiary, accessed patient...more
On May 13, the FTC’s amendment to the Safeguards Rule relating to the reporting of data breaches and security incidents, which were announced in October of 2023, became effective. As a reminder, the FTC’s Safeguards Rule...more
Organizations typically deal with ransomware attacks out of the public eye, but the massive scale of United Healthcare Group’s (UHG) February breach made that an impossibility. UHG CEO Andrew Witty was recently on the hot...more
Welcome to this month's issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security & Data Protection practice....more
Report on Patient Privacy 23, no. 12 (December, 2023) Northwell Health in New York and Cook County Health in Chicago each experienced impacts from a breach at Nevada-based transcription company Perry Johnson & Associates...more
When negotiating technology or data services contracts, businesses of all sizes and industries are now spending more time and attention on privacy controls. The increasing prevalence of comprehensive U.S. state privacy laws...more
As highlighted in the Data Security Incident Response Report, government entities such as universities, medical centers, public utilities and transportation services companies have become highly sought-after targets of cyber...more
Learning Objectives: - Overview of current US privacy/cybersecurity laws and regulation - Current cyber threats: overview of recent trends in cyberattacks and risk areas for healthcare providers - Incident Response: how...more
Each Academy provides three-and-a-half days of classroom-style training covering the latest laws, regulations, and developments to help you effectively manage your organization’s compliance program. They are ideal for...more
Last week, I discussed eDiscovery in the Asia Pacific (APAC) region in terms of what each country has in place from a rules and discovery standpoint. eDiscovery isn’t the only discipline where US-based bloggers like me tend...more
Welcome to this month's issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security & Data Protection practice. We invite you to share this resource with your colleagues and visit...more
White & Case Technology Newsflash - Fulfilling a company's data breach and cybersecurity incident notification and disclosure requirements is an increasing challenge. Companies operating across industry sectors and around...more
Join us on Thursday 19 September for the Hogan Lovells Privacy and Cybersecurity KnowledgeShare in London. We will share our latest thinking on the key privacy and cybersecurity issues faced by those with data protection...more
On October 6, California Governor Jerry Brown signed legislation updating California’s data breach notice statute for the third time in three years. The news was quickly overshadowed by the CJEU’s decision invalidating the...more
As we have reached the 4th quarter of 2015, many companies are actively planning for the next calendar year. In the last 12 months, privacy law has become a “front burner” issue for many companies....more