No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Artificial intelligence (AI), particularly generative AI, thrives on vast amounts of data, fueling AI capabilities, insights, and predictions. But with this reliance on data comes potential privacy and security risks. And...more
American Addiction Centers (AAC) has notified 422,424 individuals that their personal information was stolen in a cyber-attack attributed to the Rhysida criminal organization. The incident was discovered on September 26,...more
As the last two years have clearly demonstrated, no organization is immune from cyberattacks. Indeed, numerous studies have reported that a majority of businesses have been impacted by at least one cyberattack over the past...more
The SEC recently issued an order and settlement against a company from a pair of cyberattacks in which millions of dollars of client funds were stolen. While the company was able to recover a portion of the funds and...more
The recent indictment of Maksim Silnikau, a Belarusian and Ukrainian national, is a clear reminder that cybercriminals are becoming more sophisticated and bold....more
As businesses grapple with the evolving, regulatory landscape for data privacy, the Texas Data Privacy & Security Act (TDPSA) emerges as a pivotal law. This comprehensive legislation, effective July 1, 2024, established...more
With escalating cyber risks and heightened regulatory scrutiny, every minute after a data breach is crucial. Sophisticated cybercriminals relentlessly target your organization’s most valuable asset: personally identifiable...more
As the health care industry continues reeling from the recent Change Healthcare ransomware attack that crippled large portions of the U.S. health care system, health care providers are naturally reminded of the importance of...more
CYBERSECURITY - Mozilla Releases Security Updates for Thunderbird and Firefox - Mozilla recently released security updates to address known vulnerabilities in their Thunderbird and Firefox products. The Cybersecurity &...more
Data breaches are on the rise. So are the lawsuits that follow. This has led to an environment where cyber-forensics service providers are more important than ever. Clients seeking these services, however, often do so...more
Report on Patient Privacy 23, no. 12 (December, 2023) Northwell Health in New York and Cook County Health in Chicago each experienced impacts from a breach at Nevada-based transcription company Perry Johnson & Associates...more
On October 31, 2022, the Federal Trade Commission (FTC) announced a complaint and proposed consent order against Chegg, an edtech company, over its security practices that resulted in four security breaches in three years....more
On October 24, 2022, the Federal Trade Commission (FTC) announced a proposed consent order against Drizly and its CEO, James Cory Rellas, over the online alcohol marketplace company’s data breach incident in 2020, which...more
Report on Patient Privacy 22, no. 10 (October, 2022) - Thirty Democratic senators led by Sen. Patty Murray, D-Wash., have called on HHS to strengthen federal privacy protections under HIPAA to broadly restrict providers...more
Internet users have (mostly) learned to avoid scams by supposed Nigerian princes looking to share a vast inheritance, and there has been a rise in awareness of other common signs of phishing attempts, such as poor spelling...more
In this article, we look at the 2021 cyberattack on the Health Service Executive (“HSE”), the national healthcare provider for Ireland, and what lessons have been learned from that crisis one year post-incident....more
Report on Patient Privacy 22, no. 3 (March, 2022) - HHS said in early March that it was not aware of any specific threat to U.S. health care organizations stemming from the Russian invasion of Ukraine. “However, in the...more
CYBERSECURITY - CISA/FBI Advisory Warns of Destructive Malware Used Against Ukraine - The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint advisory this week alerting organizations of...more
Report on Patient Privacy 22, no. 2 (February, 2022) - Tensions between the U.S. and Russia could lead to a heightened risk of Russian state-sponsored cyberattacks on U.S. interests, including health care organizations,...more
We continue our year-end review of SEC enforcement activity and turn our attention to a topic grabbing seemingly daily headlines across multiple industries: cybersecurity. As the risks – and realities – of cyberattacks...more
CYBERSECURITY - New Jersey Settles with Cancer Center Over Business Email Compromise - One of the challenging things about HIPAA (Health Insurance Portability and Accountability Act) enforcement is the fact that both the...more
It's the most wonderful time of the year and we send our season's greetings with visions of (surveillance) sugarplums dancing in our heads. Whether you are on the naughty or nice list, may your days be merry and...more
Report on Patient Privacy 21, no. 12 (December, 2021) - Huntington Hospital in New York has sent notices to approximately 13,000 patients about an incident that happened in late 2018 and early 2019 involving a night shift...more
Blackbaud Breach - In the early months of 2020, cybercriminals orchestrated a ransomware attack on Blackbaud Inc., a cloud software company headquartered in Charleston, South Carolina that provides data collection and...more
Trucking company Forward Air revealed in a filing with the Securities and Exchange Commission that it suffered a ransomware attack in December 2020 (reportedly by Hades), which caused business disruption as it was forced to...more