Digital Planning Podcast - Interview With Leeza Garber
Compliance into the Weeds-Episode 39, Disclosure of Ransomware Attacks
Your Cyber Minute: Compliance with the Proposed NYDFS Cybersecurity Regulation
Safeguards against Data Security Breaches (Part One)
Data security is a major concern across virtually all areas of the legal profession particularly in 2024 thanks in part to a record-breaking number of cyber incidents last year that cost companies an average of $4.45 million...more
In this week’s edition of Consumer Protection Dispatch, we look at the latest regulatory developments from the U.S. Department of Commerce, Consumer Financial Protection Bureau, and the Securities and Exchange Commission...more
If you have a tendency to reuse the same password across multiple accounts, you could be leaving yourself (and your organization) exposed to risk. Credential stuffing, the stealthy technique fueling a recent explosion of...more
On February 1, the Federal Trade Commission (FTC or “the Commission”) announced that it had reached a settlement with Blackbaud, a software company, resolving claims related to a 2020 data breach that resulted in the...more
2023 was the most devastating year yet for ransomware attacks, with businesses forking over $1 billion in ransom payments for the first time ever – and 2024 is expected to be even worse. Beyond the payments, the average cost...more
There has been a lot of coverage about the Federal Communications Commission’s (FCC and Commission) new and expansive data breach notification Order, approved on a 3-2 vote at the Commission’s December 13 Open Meeting. Much...more
Organizations attacked with ransomware have a bevy of decisions to make, very quickly! One of those decisions is whether to pay the ransom. Earlier this year, I had the honor of contributing to a two-part series, entitled...more
On March 9, 2022, the Securities and Exchange Commission (“SEC”) announced Proposed Rules on cybersecurity risk management, strategy, governance, and incident disclosure (“Proposed Rules”) to address concerns of increasing...more
The Federal Trade Commission has reached a settlement in the matter of CafePress. Here are some things you should know: Data minimization: •Storing information indefinitely on your network without a business need creates...more
The FTC has reached a settlement with Residual Pumpkin Entity, LLC and PlanetArt, LLC—the former and current owners of online merchandise platform CafePress (collectively, “CafePress”)—to resolve allegations that CafePress...more
On October 27, 2021 the FTC issued a final rule (the “Final Rule”) amending 16 CFR Part 134, Standards for Safeguarding Customer Information (“Safeguards Rule”), after a period of notice and comment. While the existing...more
Ransomware attacks are on the rise. Cyber criminals continue to exploit lax security measures, which have become more acute in the work-from-home environment, and hack into companies’ systems, encrypt their data, and then...more
New Jersey Acting AG Andrew Bruck reached a settlement with healthcare provider Diamond Institute for Infertility and Menopause, LLC (“Diamond”) to resolve allegations stemming from a 2016 data breach that compromised the...more
In our first article to kick off Cybersecurity Awareness Month, we will discuss some steps businesses can take to improve their cyber hygiene. Over the past few years, some of the largest and well-known companies have been...more
Most observers believe that the legal profession is rapidly moving toward so-called “hybrid workplaces,” a term office managers use to describe a mixed-work environment that spans brick-and-mortar law offices, home offices,...more
Once again, we see that inaccurate information in a privacy policy can land an organization in hot water. On June 7, 2021, the Federal Trade Commission (FTC) announced a proposed settlement with MoviePass pertaining to its...more
The Colonial Pipeline ransomware attack was the largest in the energy sector to date, and with cybercrimes up 100% from 2019 to 2020 this is only the beginning for 2021. Many organizations are taking on a digital...more
In McMorris v. Carlos Lopez & Associates, LLC, a data breach case, the Second Circuit held that plaintiffs may demonstrate standing based on a theory of “increased risk” of future identity theft or fraud following an...more
On January 14, the Fifth Circuit vacated the University of Texas M.D. Anderson Cancer Center’s (M.D. Anderson) $4.3 million fine for HIPAA violations arising from its loss of more than 35,000 individuals’ protected health...more
As more organizations find themselves under scrutiny for the way they collect and use consumer data, maintaining CCPA compliance has never been more important. CCPA has been introduced to give control back to consumers,...more
Crosmun v. The Trustees of Fayetteville Technical Community College Provides Much Needed Guidance to NC Courts on How to Properly Craft eDiscovery Protocols - The Court of Appeals decision in Crosmun is important because...more
The Digital Planning Podcast is designed to educate individuals about all things digital in connection with estate planning, business planning, and estate administration. Your hosts, attorneys Jennifer Zegel, Ross Bruch, and...more
One side effect of the COVID-19 pandemic on data security is that the sudden need to convert the workplace from onsite to remote operations potentially has required many organizations to use older equipment or personal...more
On July 27, 2020, the U.S. Department of Health and Human Services (HHS) announced that it reached a settlement with a Rhode Island nonprofit health system related to the theft of an unencrypted laptop containing its...more
After a long quiet period, the second HIPAA settlement to be announced by the U.S. Department of Health and Human Services (HHS) in an orchestrated one-two punch was far more costly to the second violator. Lifespan Health...more