News & Analysis as of

National Institute of Standards and Technology Personally Identifiable Information

Clark Hill PLC

Right To Know - August 2024, Vol. 20

Clark Hill PLC on

Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more

Ballard Spahr LLP

FHA Requiring Reporting of Significant Cybersecurity Incidents

Ballard Spahr LLP on

In Mortgagee Letter 2024-10, FHA announced a requirement for FHA approved lenders to notify the U.S. Department of Housing and Urban Development (HUD) of Significant Cybersecurity Incidents. The Mortgagee Letter, which is...more

Health Care Compliance Association (HCCA)

Privacy Briefs: April 2024

The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more

Troutman Pepper

That’s a Wrap…or Not? Regulatory Data Incident Investigation Resolutions and the Path Forward

Troutman Pepper on

As we discussed in part three of this series, “Navigating the Complexities of Regulatory Data Incident Investigations,” when an organization is the subject of regulatory data incident investigations, it must navigate a...more

Troutman Pepper

More Privacy, Please – January 2024

Troutman Pepper on

NIST Publishes Report on the Cybersecurity of Genomic Data. On December 20, 2023, the NIST National Cybersecurity Center of Excellence (NCCoE) published Final NIST IR 8432, Cybersecurity of Genomic Data. Informed by direction...more

Health Care Compliance Association (HCCA)

Privacy Briefs: February 2024

The American Hospital Association (AHA) has warned that information technology (IT) help desks are being targeted in a social engineering scheme that uses the stolen identity of revenue cycle employees or employees in other...more

Troutman Pepper

Data Protection: One of These Incidents Is Not Like the Other

Troutman Pepper on

In the burgeoning realm of data incidents, it is a truism that such incidents are not created equal. Indeed, a data incident is not necessarily a data breach. Originally published in Reuters -August 24, 2023...more

Sheppard Mullin Richter & Hampton LLP

Cybersecurity Labeling Program to Increase Transparency of IoT Device Security

In response to a constantly-evolving cyber threat landscape, the Biden Administration recently announced the launch of a new cybersecurity labeling program – the U.S. Cyber Trust Mark program – in an effort to enhance...more

Rothwell, Figg, Ernst & Manbeck, P.C.

Regulating AI: Litigation Questions And State Efforts To Watch

This second part of a two-part series on U.S. regulation of artificial intelligence systems highlights state legislation and litigation to watch concerning AI systems, and provides practical takeaways as we look toward the...more

J.S. Held

Data Privacy in 2023: Expectations, Responsibilities & Cyber Security Tactics to Safeguard Your Information

J.S. Held on

INTRODUCTION - As more of our lives and work become digitized, an inherent overlap continues to grow between data privacy and cyber security programs. Think of two similarly sized circles: in the past, data privacy and cyber...more

Bond Schoeneck & King PLLC

New York State Education Law § 2-D: Where Are We Now? 

Two and a half years have now passed since the New York State Board of Regents put regulations implementing New York State Education Law §2-d into effect. Since then, educational institutions across the state have faced many...more

Robinson+Cole Data Privacy + Security Insider

Virginia Law Bans Local Police Use of Facial Recognition Technology

The state of Virginia recently enacted a law banning local law enforcement and campus police departments from using facial recognition technology. Facial recognition technology is defined as an “electronic system for...more

Lowenstein Sandler LLP

States’ Safe Harbor Defense For Data Security Breaches Signals Possible Trend

Lowenstein Sandler LLP on

We are now seeing a potential trend where states are incentivizing companies through the creation of safe harbors to improve their cybersecurity posture, instead of penalizing them after a breach of personal information. Utah...more

Jackson Lewis P.C.

Utah Is The 2nd State To Create A Safe Harbor For Companies Facing Data Breach Litigation

Jackson Lewis P.C. on

In mid-March, Utah Governor Spencer Cox signed into law the Cybersecurity Affirmative Defense Act (HB80) (“the Act”), an amendment to Utah’s data breach notification law, creating several affirmative defenses for persons...more

NAVEX

4 Things to Know About Updated NIST 800-53 Standards

NAVEX on

[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - February 2021

Robinson & Cole LLP on

CYBERSECURITY - Ransomware Incident Compromises Unemployment Claim Information of 1.6M in WA - It is being reported that the Office of the Washington State Auditor (SAO) is investigating a security incident, allegedly...more

Mitratech Holdings, Inc

Managing Third-Party Vendor Regulatory Compliance

Data breaches are a hot topic and will undoubtedly get even hotter. Cybersecurity for your own enterprise isn’t enough — you must evaluate your vendors and determine if they’re prepared to resist cyberattacks.  ...more

McDermott Will & Emery

Public Backlash Calls Use of Facial Recognition Systems into Question

McDermott Will & Emery on

In recent weeks and months, legal and technical issues related to use of facial recognition systems in the United States have received national attention, including concerns that the technology lacks accuracy in identifying...more

Stoel Rives - Global Privacy & Security Blog®

NIST Releases a Standard for Privacy

As states fill the legal void for consumer privacy rights,[1] a new federal standard has emerged to assist companies with their compliance efforts. The National Institute of Standards and Technology (“NIST”) Privacy Framework...more

BCLP

Do Companies Need a Written Security Information Plan?

BCLP on

As of January 1, 2020, California became the first state to permit residents whose personal information is exposed in a data breach to seek statutory damages between $100-$750 per incident, even in the absence of any actual...more

Polsinelli

Important Highlights from the NIST/OCR HIPAA Security Conference Last Week

Polsinelli on

Every year, the National Institute of Standards and Technology (NIST) and the Department of Health and Human Services, Office for Civil Rights (OCR) jointly sponsor a conference to “address the dynamic and challenging...more

Hogan Lovells

OCR Provides Insight into Enforcement Priorities and Breach Trends

Hogan Lovells on

Regulators, industry experts, and researchers provided insight into health privacy and security enforcement trends, emerging threats, and new tools at a recent conference focused on the Health Insurance Portability and...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - September 2019

Robinson & Cole LLP on

The Wolcott school system in Wolcott, Connecticut has been recovering for four months from a ransomware attack that hit its system at the end of the school year. Last week, it was hit with a second attack. According to...more

ArentFox Schiff

CFIUS 2.0: ‘Sensitive Personal Data’ in the National Security Context

ArentFox Schiff on

In recent years, the Committee on Foreign Investment in the United States (CFIUS) has taken a much stronger interest in the national security ramifications of sensitive data falling into the hands of foreign adversaries,...more

White and Williams LLP

Cybersecurity and Legal Due Diligence Considerations in M&A Transactions

White and Williams LLP on

When prospective buyers conduct legal due diligence in merger and acquisition transactions the main focus is typically on the traditional items, such as financials, debt instruments, major contracts and other key metrics...more

72 Results
 / 
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide