Balancing cybersecurity incident disclosures has been a challenge for those in the trenches for years. That has not changed, and recent regulatory activity should not alter the challenges breach counsel confront. In short,...more
A cyber security incident is a stressful and frightening event for an organization’s team. When it comes to putting cyber plans in place, organizations need to prepare for the worst-case scenario since it is no longer a...more
OCR released a simple checklist and infographic last week to assist Covered Entities and Business Associates with responding to potential cyber attacks. As cybersecurity remains a pressing concern for health care entities,...more
On December 28, 2016, the New York Department of Financial Services ("DFS") released a revised version of a proposed regulation that would require banks, insurance companies, and other financial services institutions...more
Many New Year’s Resolutions focus on actions intended to save money and reduce stress. Organizations, especially those in the health care industry, should consider a resolution to review their breach notification procedures...more
With no Congressional consensus to adopt a federal data privacy and breach notification statute, states are updating and refining their already-existing laws to enact more stringent requirements for companies. Two states...more
On Tuesday, the House Energy & Commerce Subcommittee on Commerce, Manufacturing, and Trade held a hearing entitled "What are the Elements of Sound Data Breach Legislation?" This hearing was the first of the new Congress to...more