News & Analysis as of

Cybersecurity Enforcement Actions Fines

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Skadden, Arps, Slate, Meagher & Flom LLP

UK GDPR Regulator Fines Data Processor After Ransomware Attack

Skadden, Arps, Slate, Meagher & Flom LLP on

On 27 March 2025, the UK Information Commissioner’s Office (ICO) issued a £3.07 million fine to an IT services provider following a ransomware attack in 2022 that affected the company’s health care business. The ransomware...more

Robinson+Cole Data Privacy + Security Insider

A Year in Privacy and Security: Privacy Violations, Large-Scale Data Breaches, and Big Fines and Settlements

Robinson+Cole Data Privacy + Security Insider on

2024 was a year chock-full of data breaches and privacy violations. Many new data privacy and cybersecurity regulations were introduced (and became effective), and regulators sent a strong message to businesses that privacy...more

A&O Shearman

English Court reviews the ICOs first GDPR fine (again)

A&O Shearman on

In December 2019, the UK Information Commissioner’s Office (ICO) imposed a fine of £275,000 on Doorstep Dispensaree Limited (DDL) for multiple contraventions of the GDPR. On December 9 2024, five years on and three judgments...more

Saul Ewing LLP

No “Trick”: Plastic Surgery Practice Agrees to Pay a $500,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on

On October 31, 2024, the U.S. Department of Health and Human Services (“HHS”), Office of Civil Rights (“OCR”) announced a $500,000 settlement with Plastic Surgery Associates of South Dakota (“PSA”) concerning potential...more

EDRM - Electronic Discovery Reference Model

Implications of the €310 Million LinkedIn Fine for GDPR Compliance

EDRM - Electronic Discovery Reference Model on

ComplexDiscovery’s Editor’s Note: This recent €310 million fine imposed on LinkedIn by Ireland’s Data Protection Commission (DPC) marks a powerful moment in GDPR enforcement, underlining the regulatory rigor facing global...more

Keating Muething & Klekamp PLL

SEC Fines Four Companies $7M for Violating Cyber Disclosure Rules

Keating Muething & Klekamp PLL on

On October 22, 2024, the Securities and Exchange Commission charged four companies with making materially misleading disclosures about their cybersecurity risks. Each of the companies—Unisys Corp., Avaya Holdings Corp., Check...more

Guidepost Solutions LLC

The SEC has new Cybersecurity Rules. Are you prepared and ready?

Guidepost Solutions LLC on

On July 26, 2023, the Securities and Exchange Commission (SEC) implemented new cybersecurity rules to require disclosure of material cybersecurity incidents within four business days, with limited exceptions.  Additionally,...more

Orrick, Herrington & Sutcliffe LLP

Top 5 Takeaways from NYDFS $1.2 Million Fine in Cybersecurity Case

Orrick, Herrington & Sutcliffe LLP on

On May 1, the New York Department of Financial Services (“NYDFS” or “Department”) and a trading platform entered into a consent order to resolve deficiencies identified during examinations conducted in 2018 and 2020. The...more

Robinson+Cole Data Privacy + Security Insider

NYAG Issues Fine Against Law Firm for Data Breach

Robinson+Cole Data Privacy + Security Insider on

New York Attorney General Letitia James announced on March 27, 2023 that she had levied a fine against law firm Heidell, Pittoni, Murphy & Bach LLP for failing to secure personal and health information of clients exposing the...more

Orrick, Herrington & Sutcliffe LLP

U.S. messaging service fined €5.5 million for GDPR violations

Orrick, Herrington & Sutcliffe LLP on

On January 19, the Irish Data Protection Commission (DPC) announced the conclusion of an inquiry into the data processing practices of a U.S.-based messaging service’s Ireland operations and fined the messaging service €5.5...more

Health Care Compliance Association (HCCA)

OCR: Current Fines Too Low to Spur Compliance; Agency Also Seeks Funding Boost, Injunctive Relief

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more

Bracewell LLP

SEC Gets Cyber-Serious About Disclosures

Bracewell LLP on

As cyberattacks continue to attract greater attention, the SEC has taken an additional step in its efforts to bring enforcement actions related to cyber disclosures. On June 14, the SEC announced settled charges against a...more

Patterson Belknap Webb & Tyler LLP

New York DFS Fines Mortgage Lender in Cybersecurity Enforcement Action

Patterson Belknap Webb & Tyler LLP on

New York’s Department of Financial Services (“DFS”) announced on Wednesday, March 3, 2021, that an independent mortgage lender, Residential Mortgage Services Inc. (“RMS”), has agreed to pay a $1.5 million fine to the agency...more

Hogan Lovells

Spanish DPA shakes the privacy status quo in Spain – highest fines yet on personal data

Hogan Lovells on

The Spanish Data Protection Agency (“Spanish DPA”) decided to start 2021 the same way it ended 2020: by imposing the highest fines to date (EUR 5,000,000 and 6,000,000) to two large Spanish financial entities. ...more

Hogan Lovells

German court drastically reduces GDPR fine

Hogan Lovells on

Germany has seen a couple of record GDPR fines since the German Data Protection Authorities (DPA) issued their guidance paper on how to measure GDPR fines in October 2019. One of these DPA sanctions was recently subject to...more

Orrick, Herrington & Sutcliffe LLP

ICO Fines: When Is An Appeal Appealing?

Orrick, Herrington & Sutcliffe LLP on

The decision to appeal a regulatory finding is never taken lightly. By the time a regulator has completed its investigation and notified a company of its intention to fine, the company will have invested significant time and...more

Orrick, Herrington & Sutcliffe LLP

A Survival Guide for GDPR Enforcement Actions from a German Perspective – How to Assess and Mitigate Fines for GDPR Violations

Orrick, Herrington & Sutcliffe LLP on

Since the first enforcement actions have been initiated, some with significant fines, many companies may find themselves somewhat at a loss as they may not fully know how to assess the risks involved and how to react should...more

Robinson+Cole Health Law Diagnosis

Texas Health and Human Services Fined $1.6 Million for HIPAA Violations

Robinson+Cole Health Law Diagnosis on

The Office for Civil Rights (OCR) announced that it has fined the Texas Health and Human Services Commission (TXHHS) $1.6 million for HIPAA violations. This is one of the few fines the OCR has levied against a state agency....more

Mitratech Holdings, Inc

The Scariest Data Privacy Breaches of 2019

Mitratech Holdings, Inc on

With it being Halloween, October being National Cybersecurity Awareness Month, and 2019 drawing to an end, let’s take a look at the data privacy breaches giving compliance professionals a fright this year! ...more

Robinson+Cole Data Privacy + Security Insider

Dental Practice Pays $10,000 Fine to OCR for Disclosing PHI on Social Media

Robinson+Cole Data Privacy + Security Insider on

Elite Dental Associates (Elite), located in Dallas, Texas has agreed to settle alleged HIPAA violations with the Office for Civil Rights (OCR) for $10,000....more

Hogan Lovells

GDPR Enforcement Update: Increasing Fines Expected from German DPAs

Hogan Lovells on

Many companies have been struggling with GDPR implementation over the past two years, putting much effort into new roles, privacy concepts, and workflows. ...more

Sheppard Mullin Richter & Hampton LLP

SEC Issues $1 Million Identity Theft Rule Fine

Sheppard Mullin Richter & Hampton LLP on

The Securities and Exchange Commission recently settled with Voya Financial Advisors, Inc. for alleged violation of Regulation S-ID (otherwise known as the Identity Theft Red Flags Rule) and Regulation S-P (otherwise known as...more

Jackson Walker

Internet of Things Part 2: Dogs, Cameras, and Cybersecurity

Jackson Walker on

I recently purchased an Internet Protocol (IP) camera to monitor my dog, Ruben, during those times that he has free reign of the house. Since “RubenCam” has been online, I’m not sure he has been any less rambunctious, but I’m...more

Fisher Phillips

Yahoo Fined $35 Million for Failing to Report Data Breach

Fisher Phillips on

On April 24, 2018, the Securities Exchange Commission (SEC) announced a $35 million fine against the company formerly known as Yahoo! Inc. (now known as Altaba, Inc.) for failing to disclose a massive cyber data breach to its...more

24 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide