The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
On March 3, the U.S. District Court for the Central District of California granted final approval of a $1.75 million class action settlement resolving allegations related to a 2020 data breach that compromised nearly 100,000...more
On March 2, 2023, the Federal Trade Commission (FTC) announced a proposed settlement agreement (also referred to as “proposed consent order”) with BetterHelp, Inc., an online counseling service, for allegedly disclosing its...more
On February 1, 2023, the FTC announced a proposed $1.5 million settlement with GoodRx Holdings, based on alleged violations of the Federal Trade Commission Act (“FTC Act”) and Health Breach Notification Rule (“HBNR”) for...more
When it comes to ensuring enterprise data is safe, understanding recent rulings from different regulatory bodies and how they affect your organization is a vital first step, followed by reasonable measures to further...more
The University of Pittsburgh Medical Center (UPMC) recently settled a data breach class action for $450,000 stemming from a 2020 data breach that led to the compromise of about 36,000 UPMC patients....more
The Federal Government continues ramping up enforcement of data security requirements by deploying significant new enforcement theories and tools in support of cyber and data security controls required by federal law....more
Artech Information Systems settled a data breach class action this week for an incident that occurred in January 2020. Artech will pay up to $10,000 to each individual affected by the breach, based on a tiered payment system....more
EyeMed Vision Care, LLC, was the victim of a hacking incident in 2020 that compromised the personal information of 2.1 million consumers, including their names, addresses, Social Security numbers, member numbers of health and...more
Two major U.S. financial institutions, Morgan Stanley and Capital One, recently agreed to resolve separate class action lawsuits by paying, in the aggregate, hundreds of millions of dollars in compensation for massive data...more
New Mexico’s Attorney General, Hector Balderas, continues to champion children’s online privacy protections, this time settling with Google over alleged violations of the Children’s Online Privacy Protection Act (COPPA). ...more
FabFitFun, a fashion and beauty subscription service, settled claims that it failed to adequately protect and secure consumer data resulting in a data breach for a sum of $625,000 in the U.S. District Court for the Central...more
This week, a proposed data breach class action against Dickey’s Barbecue Restaurants Inc. was settled for $2.35 million in the U.S. District Court for the Northern District of Texas with approval of the settlement terms by...more
The New York Department of Financial Services (NYDFS) has settled alleged violations of the Department’s strict cybersecurity regulations with National Securities Corp. (NSC) for $3 million, over four separate cybersecurity...more
Since the passage of the California Consumer Privacy Act and because of the continued interest in the Illinois Biometric Information Privacy Act, there has been a focus on the amount of money class members may expect to...more
"HIPAA Compliance" seals are not a reliable indicator that a company's website employs reasonable measure to secure personal medical information. That is one lesson from a recently finalized settlement between the Federal...more
Sabre Corporation, the travel technology company, agreed to pay $2.4 million as a settlement with twenty-seven (27) State Attorneys General for a 2017 data breach involving hotel booking services....more
Earlier this week, the Federal Trade Commission (FTC) announced a settlement with Zoom that will require the company to enhance its data security practices to address allegations that the videoconferencing provider engaged in...more
The Federal Trade Commission (FTC) recently announced a settlement with Zoom Video Communications, Inc. (Zoom) after allegations that Zoom misled users through deceptive and unfair practices that made users believe their...more
The Federal Trade Commission (“FTC”) conducted an investigation into Zoom Video Communications, Inc.’s (“Zoom”) privacy and security practices and announced a settlement agreement on November 9, 2020. As a part of the...more
On October 8, 2020, Community Health Systems, Inc. (Community Health) and its subsidiary CHSPSC, LLC entered into a settlement agreement with 28 states for $5 million to resolve claims related to a 2014 data breach. Community...more
Following a very quiet start to HIPAA settlement activity in 2020, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently announced eight settlements with covered entities and business...more
On September 21, 2020, the HHS Office of Civil Rights (OCR) announced a $1.5 million settlement with Athens Orthopedic Clinic, a Georgia orthopedic clinic, to settle potential violations of the Health Insurance Portability...more
Consumer-directed health apps are experiencing a boom thanks to COVID-19, as consumers seeking to avoid doctors’ office waiting rooms are increasingly relying on apps to measure and maintain their health. That trend is...more
On Tuesday, September 15, New York Attorney General Letitia James announced a settlement with Dunkin’ Brands Inc. regarding a lawsuit in New York state court titled The People of The State of New York et al. v. Dunkin’ Brands...more
As we previously reported, Capital One Financial Corporation announced in July 2019 a major data security breach when an individual gained unauthorized access to personal information about Capital One credit card customers. ...more