News & Analysis as of

Cybersecurity Breach Notification Rule Enforcement Actions

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Health Care Compliance Association (HCCA)

With Nod to OCR, Indiana Inks $350K Deal With Dental Firm Following Hack

Health Care Compliance Association (HCCA) on

Recent federal enforcement actions have brought home the lesson that there’s really no acceptable reason for denying a patient timely access to medical records. Last year, for example, the HHS Office for Civil Rights (OCR)...more

Barnea Jaffa Lande & Co.

Cybersecurity Enforcement Tightens in NY, Reflecting a Trend

Barnea Jaffa Lande & Co. on

The New York State Department of Financial Services (NYDFS) and the Attorney General’s office have recently imposed significant fines totalling $11.3 million on Geico and Travelers for data breaches that compromised the...more

Alston & Bird

The Digital Download – Alston & Bird’s Privacy & Data Security Newsletter – August 2024

Alston & Bird on

Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more

ArentFox Schiff

Key Takeaways from OCR’s CY22 HIPAA Reports to Congress

ArentFox Schiff on

On February 14, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued its annual reports to Congress detailing its actions to enforce the privacy, security, and breach notification...more

WilmerHale

2024 Privacy Law Preview

WilmerHale on

As we have detailed previously, 2023 was a landmark year for privacy law, featuring numerous developments at the federal, state and international levels, ranging from newly enacted statutes to massive regulatory enforcement...more

WilmerHale

FTC Announces Enforcement Action Against Global Tel*Link Corporation for Unfair Data Security Practices and Inadequate Data Breach...

WilmerHale on

On November 16, the Federal Trade Commission (FTC) announced an enforcement action against Global Tel*Link Corporation and two of its subsidiaries (collectively, “GTL”), which provide communications and payment services to...more

Patterson Belknap Webb & Tyler LLP

The FTC Fires Its First Shot Under the HBNR

Patterson Belknap Webb & Tyler LLP on

Last month, the Federal Trade Commission (“FTC”) announced its first-ever enforcement action under the Health Breach Notification Rule (“HBNR” or “the Rule”).  In a complaint filed in February, the agency alleged that GoodRx...more

Akin Gump Strauss Hauer & Feld LLP

FTC’s First-of-Its-Kind Health Breach Notification Rule Enforcement Action

Akin Gump Strauss Hauer & Feld LLP on

On February 1, 2023, the Federal Trade Commission (FTC) announced that it had taken enforcement action against prescription drug discount company GoodRx, which agreed to injunctive relief and to pay a $1.5 million civil...more

Wyrick Robbins Yates & Ponton LLP

Not What the Doctor Ordered: GoodRx to Pay $1.5 Million in FTC’s First Enforcement of the Health Breach Notification Rule

Wyrick Robbins Yates & Ponton LLP on

The Federal Trade Commission earlier this month undertook an enforcement action against online pharmacy and telehealth provider GoodRx, in the latest example of the agency seriously pursuing its role as the nation’s de facto...more

Jones Day

Consumer Health Information and Increased Scrutiny: FTC Brings First Action Under Health Breach Notification Rule

Jones Day on

The Federal Trade Commission ("FTC") has brought its first enforcement action for violations of the Health Breach Notification Rule ("HBNR"), signaling heightened federal agency scrutiny of digital health platforms,...more

Epstein Becker & Green

FTC Brings Enforcement Action under FTC Act and Health Breach Notification Rule Based on GoodRx’s Use of Advertising Tracking...

Epstein Becker & Green on

On February 1, 2023, the FTC announced a proposed $1.5 million settlement with GoodRx Holdings, based on alleged violations of the Federal Trade Commission Act (“FTC Act”) and Health Breach Notification Rule (“HBNR”) for...more

Robinson+Cole Data Privacy + Security Insider

Twitter fined $546,000 in December 2020 by European Data Protection Authority for 2019 Breach Notification Violations

Robinson+Cole Data Privacy + Security Insider on

The Irish Data Protection Commission (DPC) fined Twitter 450,000 euros (about US$546,000) for failing to timely notify the Irish DPC within the required 72 hours of discovering a Q4 2018 breach involving a bug in its Android...more

Steptoe & Johnson PLLC

Some HIPAA Happenings

Steptoe & Johnson PLLC on

Proposed Modifications to HIPAA Regulations under Consideration - On December 14, 2018, HHS issued its Request for Information on Modifying HIPAA Rules to Improve Coordinated Care as part of its Regulatory Sprint to...more

Skadden, Arps, Slate, Meagher & Flom LLP

Privacy & Cybersecurity Update - August 2018

Skadden, Arps, Slate, Meagher & Flom LLP on

In this month's edition of our Privacy & Cybersecurity Update, we examine Brazil's new data protection regulation, the French data protection authority's warning to two companies of potential GDPR violations and the U.S....more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - October 2017 #2

Robinson & Cole LLP on

FBI Issues Flash Alert on Apache Struts Vulnerability - The Apache Struts vulnerability has been mentioned frequently in the media over the past month, as it is believed to have been involved in one of the largest and most...more

Robinson+Cole Data Privacy + Security Insider

Vermont AG Settles with SAManage for $264,000 for Delayed Breach Notification

Robinson+Cole Data Privacy + Security Insider on

The Vermont Attorney General (AG) recently announced that it has settled with SAManage USA, a business support services company, for failing to timely notify 660 Vermont residents that their names and Social Security numbers...more

Mintz

Equifax Breach: Three Takeaways from the First Four Days

Mintz on

On September 7, 2017, Equifax, one of the three large credit reporting bureaus, announced a cybersecurity incident impacting approximately 143 million U.S. consumers. According to Equifax, the breach occurred mid-May through...more

Skadden, Arps, Slate, Meagher & Flom LLP

"Privacy & Cybersecurity Update - January 2017"

Skadden, Arps, Slate, Meagher & Flom LLP on

In this edition of our Privacy & Cybersecurity Update, we discuss how the prospect of a new chair and three new commissioners at the FTC may impact the agency's approach to cybersecurity regulation, a new Massachusetts...more

Skadden, Arps, Slate, Meagher & Flom LLP

Privacy & Cybersecurity Update - September 2015

Skadden, Arps, Slate, Meagher & Flom LLP on

Adviser to European Court of Justice Says US-EU Safe Harbor Should Be Declared Invalid - An advisory opinion issued by the advocate general to the European Court of Justice states that the U.S.-EU Safe Harbor should be...more

Burr & Forman

SEC Shows It’s Serious About Cyber Security

Burr & Forman on

A week after OCIE announced it would conduct a second round of cyber-security exams, the Commission emphasized the issue by bringing an enforcement action against a non-custodial investment-adviser over a remediated data...more

Orrick, Herrington & Sutcliffe LLP

Don't Wait for It; Recent HIPAA Enforcement Action Signal More to Come in Phase 2 Audits

Orrick, Herrington & Sutcliffe LLP on

Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more

K&L Gates LLP

Cybersecurity: The Obama Administration Proposes Legislation - Proposals Would Standardize Breach Notification Requirements,...

K&L Gates LLP on

On January 13, 2015, in response to the continuing onslaught of cyber attacks, including the recent cybersecurity attack and data loss at Sony Pictures Entertainment, the Obama Administration sent to Congress three...more

22 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide