News & Analysis as of

Gramm-Leach-Blilely Act Health Insurance Portability and Accountability Act

State Data Breach Notification Laws

by Foley & Lardner LLP on

While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more

Vendor Breaches and Their Implications for Employers

by Littler on

The announcement by Equifax, Inc. that it had been victimized in a hacking incident involving the personal information of 143 million Americans generated headlines this past week. The sheer size of the hack means that most...more

Case Update: In Consumer Data Breach Case, Eleventh Circuit Indicates Concern over Scope of FTC’s Enforcement Actions

by Dorsey & Whitney LLP on

On June 21, 2017, the Eleventh Circuit Court of Appeals heard oral argument in LabMD, Inc. v. FTC, Case No. 16-16270, a case that is being carefully watched to see if it will clarify the limits of the Federal Trade...more

Washington becomes the third state with a biometric privacy law: five key differences

by DLA Piper on

The State of Washington has become the third state (after Illinois and Texas) to enact a law regulating biometric information (HB 1493). The new law, enacted in mid-May, goes into effect on July 23, 2017....more

Blog: New Mexico Poised to Add the ‘Data Breach Notification Act’ to the Patchwork of State-Level Data Privacy Laws

by Cooley LLP on

The New Mexico Legislature passed the ‘Data Breach Notification Act’ (the Act) on March 15. The Act is now with Governor Susana Martinez who has 20 days from the date the Act was passed to sign it into law. If enacted, the...more

Notable New State Privacy and Data Security Laws – Part Two

by Snell & Wilmer on

This is the second in a two-part series addressing recent developments in state privacy and data security laws. This article addresses new laws about student privacy, enforcement/ punishment for data privacy and security...more

New Year, New Rules – The 2017 Illinois Personal Information Protection Act

by Locke Lord LLP on

On January 1, 2017, Illinois ushered in a broader and stronger personal information and data breach regime. The Illinois Personal Information Act (PIPA), 815 ILCS § 530, applies any entity that “handles, collects,...more

Bullet Points on a Primer: The Quick Version of the Sedona Conference’s Data Privacy Primer

by Carlton Fields on

The Sedona Conference has just published the public comment version of its Data Privact Primer, a publication of its very active Working Group on Data Security and Privacy Libaility. The primer is excellent. ...more

Do You Know Where Your Data Is Located? Why Knowing is Half the Battle

by Jaburg Wilk on

Whether you realize it or not, you are probably storing some personal or business data in the cloud. The National Institute of Standards and Technology (NIST) defines cloud computing as a model for enabling ubiquitous,...more

2016 Breach Roundup, Part I: U.S. State Data Breach Notification Laws Highlights and Trends

by Alston & Bird on

In many respects, 2016 has been a remarkable year, but one constant with recent history is that multiple states (six this year) amended their breach notification statutes. As is commonly stated, the U.S. ...more

FTC Publishes Data Breach Response Guidelines

by Goulston & Storrs PC on

Whether resulting from a planned cyberattack or mere carelessness, data breaches are on the rise. In 2015, 781 data breaches were reported across the United States, with the average breach costing $3.8 million. In 2016, the...more

Fenwick Privacy Bulletin - Fall 2016

by Fenwick & West LLP on

Privacy Shield – An Early Reflection - EU law generally prohibits the transfer of personal data from the European Economic Area to the U.S., unless the transfer is made in accordance with an authorized data transfer...more

Privacy & Cybersecurity Update: New York State Proposes Cybersecurity Regulation for Financial Institutions

New York state has proposed a new regulation — to go into effect January 1, 2017 — that would require banks, insurance companies and other financial services institutions regulated by the New York State Department of...more

3 Essential Steps For Responding To Ransomware Attacks

by Jackson Lewis P.C. on

Likely because most victims comply with their demands, the incidence of attacks by ransomware hackers has exploded in 2016. Guidance issued by the U.S. Department of Health and Human Services (“HHS”) in July notes that, on...more

Heal Thyself: Insider Threats to Heed, Especially for Industries with Large Amounts of Personal Information

by Carlton Fields on

A recent study by the Ponemon Institute found that insider threats due to malicious or negligent employees are the leading cause of private-sector cybersecurity incidents. Of the over 600 information security professionals...more

Illinois Joins the Fray: Strengthens its Laws Around Data Breach Notification and Data Security

Sophisticated phishing scams and muscular hacking efforts continue to compromise personal and sensitive information held by insurers, hospital systems, and businesses large and small. In response, many states have...more

The Paper Trail: The Potential Data-Breach Sitting in your Printer

In April 2016, the sensitive personal medical information of NFL players was stolen from the car of a trainer who had left the files in a backpack in his locked car. In 2014, Safeway, Inc. settled charges brought by the...more

Tennessee Legislature Amends Data Breach Notification Statute - Encryption is No Longer an Automatic Safe Harbor

by Miller & Martin PLLC on

On March 24, 2016, Governor Haslam signed S.B. 2005 which amends Tennessee's data breach notice statute. The amended statute will go into effect on July 1, 2016. The new Tennessee breach notice requirements are triggered by...more

NAIC Task Force Continues Work on Insurance Data Security Model Law

On May 24 and 25, the National Association of Insurance Commissioners (the NAIC) Cybersecurity (EX) Task Force (the Task Force) hosted a meeting in which state insurance commissioners and interested parties were invited to...more

Ransomware: Electronic Extortion for a Digital Era

by Butler Snow LLP on

Last month, the FBI asked the American Bar Association to share a cyberalert with its members warning of an increased risk of ransomware. Ransomware poses significant legal and operational risks to businesses. Personnel at...more

Illinois Enacts Sweeping Changes to the Illinois Personal Information Protection Act

by BakerHostetler on

On May 6, 2016, Illinois joined a growing number of states that have strengthened their data breach notification requirements and expanded the definition of protected personal information. Effective January 1, 2017, HB1260...more

Tennessee’s Data-Breach Notice Requirements Among the Nation’s Toughest

by Burr & Forman on

On July 1, 2016, Tennessee’s new notice requirements for breaches of data security systems which compromise an individual’s personal information will take effect. The amendments to Tennessee’s current rules, found at T.C.A....more

Illinois Makes Extensive Changes to Data Breach Notification Law

by Alston & Bird on

On May 6, 2016, Illinois Governor Bruce Rauner signed HB1260, which significantly updates the state’s Personal Information Protection Act. The changes take effect on January 1, 2017. When the new law becomes effective,...more

Cyber Security

by Kirton McConkie PC on

Roughly one million pieces of malware—computer viruses or malicious software—are released every day. In recent years, we’ve witnessed an unprecedented level of activity in the cyber arena, both in the form of increased...more

Tennessee Gives Businesses 45 Days for Data Breach Notice

by Davis Wright Tremaine LLP on

Recent amendments to the State’s data breach statute give a hard deadline for a business to provide consumer notice, removes encryption safe harbor, exempts entities that are subject to the Health Insurance Portability and...more

43 Results
|
View per page
Page: of 2
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.