News & Analysis as of

Cybersecurity Fines

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Skadden, Arps, Slate, Meagher & Flom LLP

UK GDPR Regulator Fines Data Processor After Ransomware Attack

Skadden, Arps, Slate, Meagher & Flom LLP on

On 27 March 2025, the UK Information Commissioner’s Office (ICO) issued a £3.07 million fine to an IT services provider following a ransomware attack in 2022 that affected the company’s health care business. The ransomware...more

Ankura

NIS2: What It Means for Businesses in APAC

Ankura on

NIS2 (Network and Information Systems Directive 2) is the updated version of the NIS Directive, which the EU first introduced in 2016. The original NIS Directive aimed to enhance cybersecurity across member states by...more

Robinson+Cole Data Privacy + Security Insider

A Year in Privacy and Security: Privacy Violations, Large-Scale Data Breaches, and Big Fines and Settlements

Robinson+Cole Data Privacy + Security Insider on

2024 was a year chock-full of data breaches and privacy violations. Many new data privacy and cybersecurity regulations were introduced (and became effective), and regulators sent a strong message to businesses that privacy...more

A&O Shearman

English Court reviews the ICOs first GDPR fine (again)

A&O Shearman on

In December 2019, the UK Information Commissioner’s Office (ICO) imposed a fine of £275,000 on Doorstep Dispensaree Limited (DDL) for multiple contraventions of the GDPR. On December 9 2024, five years on and three judgments...more

Health Care Compliance Association (HCCA)

Privacy Briefs: November 2024

Health Care Compliance Association (HCCA) on

Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more

Saul Ewing LLP

No “Trick”: Plastic Surgery Practice Agrees to Pay a $500,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on

On October 31, 2024, the U.S. Department of Health and Human Services (“HHS”), Office of Civil Rights (“OCR”) announced a $500,000 settlement with Plastic Surgery Associates of South Dakota (“PSA”) concerning potential...more

Reveal

A Corporate Lawyer's Guide To Data Privacy & Data Protection

Reveal on

Privacy laws bring substantial compliance challenges for every organization that collects, processes, stores, and transfers personal data anywhere in the world. For legal departments, compliance professionals and internal...more

HaystackID

[Webcast Transcript] Anatomy of a Business Email Compromise

HaystackID on

Editor’s Note: This webcast brings together some of HaystackID’s top experts to dissect the intricacies of Business Email Compromise (BEC) attacks—a rapidly growing threat impacting organizations globally. During the...more

Pillsbury Winthrop Shaw Pittman LLP

Navigating the EU’s “NIS 2” Directive: Key Cybersecurity Compliance Points for Businesses Operating in the EU to Consider

Pillsbury Winthrop Shaw Pittman LLP on

The NIS 2 Directive requires a wide range of in-scope organizations to adopt robust cybersecurity measures and incident response plans....more

EDRM - Electronic Discovery Reference Model

Implications of the €310 Million LinkedIn Fine for GDPR Compliance

EDRM - Electronic Discovery Reference Model on

ComplexDiscovery’s Editor’s Note: This recent €310 million fine imposed on LinkedIn by Ireland’s Data Protection Commission (DPC) marks a powerful moment in GDPR enforcement, underlining the regulatory rigor facing global...more

Keating Muething & Klekamp PLL

SEC Fines Four Companies $7M for Violating Cyber Disclosure Rules

Keating Muething & Klekamp PLL on

On October 22, 2024, the Securities and Exchange Commission charged four companies with making materially misleading disclosures about their cybersecurity risks. Each of the companies—Unisys Corp., Avaya Holdings Corp., Check...more

NAVEX

Understanding the NIS2 Directive: What it Means for Cybersecurity in the EU

NAVEX on

You might have yet to hear of the NIS2 Directive, but you should be aware of it if you’re in any sector that relies on digital infrastructure. Whether you’re a business owner, IT professional, or curious about how the EU...more

Dechert LLP

Dechert Cyber Bits - Issue 61

Dechert LLP on

X Agrees to Stop Processing EU Data to Train its Grok AI - Ireland’s Data Protection Commission (“DPC”) recently filed an urgent High Court application against X (formerly Twitter) for using the personal data of European...more

Skadden, Arps, Slate, Meagher & Flom LLP

Utah Becomes First State To Enact AI-Centric Consumer Protection Law

Skadden, Arps, Slate, Meagher & Flom LLP on

On March 13, 2024, Utah enacted the Utah Artificial Intelligence Policy Act (UAIP), which imposes certain disclosure requirements on entities using generative AI tools with their customers, and limits an entity’s ability to...more

Hogan Lovells

GDPR fines: German court specifies requirements for fine notices in light of ECJ case-law

Hogan Lovells on

Following the European Court of Justice’s (“ECJ”) landmark judgement of 5 December 2023 (case no. C-807/21), the Higher Regional Court of Berlin specified the requirements for GDPR fine notices issued by data protection...more

Cozen O'Connor

No X-Ray Vision Necessary for this Security Breach

Cozen O'Connor on

New York AG Letitia James settled with US Radiology Specialists, Inc. to resolve allegations that the private radiology group violated New York’s Executive Law and General Business Law by failing to adequately protect...more

Health Care Compliance Association (HCCA)

BA Depicted by OCR as Example of Ransomware Dangers Recovered Quickly, Didn’t Expect Fine

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 23, no. 11 (November, 2023) Tim DiBona clearly remembers Christmas Eve 2018 when the staff of his small firm—Doctors’ Management Service (DMS)—arrived at their West Bridgewater, Mass., office to...more

Dechert LLP

Dechert Cyber Bits - Issue 43 | Key Developments in Privacy & Cybersecurity

Dechert LLP on

NSA and CISA Release Report on “Top Ten” Cybersecurity Misconfigurations; CISA Calls for Software Manufacturers to Implement Best Practices - On October 5, 2023, the United States National Security Agency (NSA) and...more

Brownstein Hyatt Farber Schreck

HHS Hits Nation’s Largest Public Health Plan with Severe Corrective Action Plan

Brownstein Hyatt Farber Schreck on

Paying the $1.3 million fine is the easy part. Complying with the CAP is a different undertaking. On Sept. 11, 2023, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced an...more

Awatif Mohammad Shoqi Advocates & Legal...

Cyber Crime - Protecting Yourself from Publishing Scams in the UAE

Awatif Mohammad Shoqi Advocates & Legal... on

Introduction: In the rapidly advancing digital age, cybercrime has become a serious global concern, and the UAE is not immune to this threat. Scammers are becoming increasingly sophisticated, using tactics such as fake calls,...more

Guidepost Solutions LLC

The SEC has new Cybersecurity Rules. Are you prepared and ready?

Guidepost Solutions LLC on

On July 26, 2023, the Securities and Exchange Commission (SEC) implemented new cybersecurity rules to require disclosure of material cybersecurity incidents within four business days, with limited exceptions.  Additionally,...more

Orrick, Herrington & Sutcliffe LLP

Top 5 Takeaways from NYDFS $1.2 Million Fine in Cybersecurity Case

Orrick, Herrington & Sutcliffe LLP on

On May 1, the New York Department of Financial Services (“NYDFS” or “Department”) and a trading platform entered into a consent order to resolve deficiencies identified during examinations conducted in 2018 and 2020. The...more

Mintz - Privacy & Cybersecurity Viewpoints

Mintz May Madness: Comprehensive Data Privacy Laws Sweeping the Nation

Mintz - Privacy & Cybersecurity Viewpoints on

Indiana's New Law is on the Books - Last month, three more state legislatures passed comprehensive data privacy laws. Just this week, Indiana’s governor signed one of them - the Indiana Consumer Data Privacy Act (“ICDPA’) -...more

Robinson+Cole Data Privacy + Security Insider

NYAG Issues Fine Against Law Firm for Data Breach

Robinson+Cole Data Privacy + Security Insider on

New York Attorney General Letitia James announced on March 27, 2023 that she had levied a fine against law firm Heidell, Pittoni, Murphy & Bach LLP for failing to secure personal and health information of clients exposing the...more

Hogan Lovells

Brazil's ANPD approves the Regulation on Dosimetry and Application of Administrative Sanctions

Hogan Lovells on

The National Data Protection Authority (ANPD) has recently published Resolution CD/ANPD No 4/2023, which approves the Regulation for Dosimetry and Administrative Sanctions (RDASA) in cases of violation of Law No 13,709/2018....more

83 Results
 / 
View per page
Page: of 4
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide