No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Sitting with the C-Suite: Information Governance and eDiscovery - Key Compliance Issues for In-House Counsel
The American reverence for entrepreneurial spirit and free enterprise is reflected in the profound influence of capitalism on our healthcare system. In contrast to many other advanced industrialized countries with state-run...more
A string of putative class actions has been filed against life insurance companies for allegedly violating section 20(b) of Illinois’ Genetic Information Privacy Act (GIPA) by using applicants’ family medical history in...more
Personal information from federal lawmakers and congressional staff members was available on the dark web following a breach of DC Health Link, the health insurance marketplace for Washington, D.C. In an internal memo sent to...more
Premera Blue Cross (Premera) has agreed to settle with the Office for Civil Rights (OCR) for $6.85 million over allegations of violations of HIPAA after an investigation of a data breach that occurred in 2014 affecting 10.4...more
Report on Patient Privacy 20, no. 1 (January 2020) - ? A cybersecurity breach temporarily halted cancer radiation treatment services at the Cancer Center of Hawaii on Oahu,[1] the center said. The center, which provides...more
Ohio Attorney General Dave Yost recently announced a multistate settlement that will require health insurance company Premera Blue Cross to pay $10 million following a breach of protected health information (PHI). According...more
Following an investigation led by the Washington Attorney General, Premera Blue Cross has agreed to pay $10 million to 30 states after experiencing a data breach in 2014 that compromised the Protected Health Information of...more
Earlier this month, a federal grand jury returned an indictment charging a Chinese national and another individual as part of an extremely sophisticated hacking group operating in China that targeted large businesses in the...more
Anthem, Inc., the country’s second largest insurer has agreed to pay $16 million to the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) and take corrective action to settle potential violations...more
On October 15, 2018, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced that Anthem, Inc. will pay $16 million to settle OCR’s investigation of its potential violations of the Health...more
Toyota Industries North America (TINA) has discovered that a hacker was able to access its corporate email system, compromising the personal and protected health information of approximately 19,000 individuals, apparently...more
The recent $575,000 settlement with EmblemHealth signals a push from AG Schneiderman “for stronger security laws and hold[ing] businesses accountable for protecting their customers’ personal data.” Noting New York’s “weak and...more
Earlier this week, the Supreme Court of the United States denied certiorari in CareFirst v. Attias, a closely watched case that some thought provided the Court with an opportunity to clarify the standing analysis under Spokeo...more
Counsel hoping for Supreme Court guidance on standing issues dividing the circuit courts will have to wait a bit longer. On February 20, the Court denied a petition for writ of certiorari in Attias v. CareFirst to resolve a...more
In October 2017, healthcare insurer, CareFirst, petitioned the United States Supreme Court, requesting the Court to clarify the constitutional standing requirement for plaintiffs seeking to bring claims regarding their...more
At its first conference this month, the U.S. Supreme Court will consider whether to weigh in on a Circuit split over standing to sue in the aftermath of a data breach. ...more
Blue Cross Blue Shield of Florida (Florida Blue) has announced that 475 applications for insurance were backed up to the cloud, on an unsecured cloud server, by an unaffiliated agent of Real Time Health Quotes, and exposed...more
As 2017 draws to a close, data breach class actions abound, while questions regarding what suffices for Article III standing in these cases remain—with litigants hoping the Supreme Court will soon weigh in....more
In a significant ruling addressing the scope of the attorney-client privilege and work product doctrine in a data breach case, a Federal judge in Oregon ordered Premera Blue Cross, the Washington-based healthcare services...more
Energy and Critical Infrastructure Industries Warned of Increased Attacks by FBI and DHS - The FBI and Department of Homeland Security issued a joint statement on October 20, 2017 warning of an increased danger of a...more
The Vermont Attorney General (AG) recently announced that it has settled with SAManage USA, a business support services company, for failing to timely notify 660 Vermont residents that their names and Social Security numbers...more
In the latest sign that data breach class actions are here to stay—and, indeed, growing—the D.C. Circuit resuscitated claims against health insurer CareFirst BlueCross and Blue Shield, following a 2015 breach that compromised...more
Earlier this month, an appellate panel of the federal DC Circuit unanimously held that individuals affected by a healthcare insurer’s data breach in 2014 could pursue claims against the insurer stemming from the cyberattack....more
Recently, the D.C. Circuit Court of Appeals ruled in Attias v. CareFirst, Inc., No. 16-7108, that customers had standing to sue a health insurer for a 2014 data breach in which the customers’ information was stolen. ...more
The U.S. Court of Appeals for the D.C. Circuit has held that allegations of a heightened risk of future identity theft resulting from a data breach established a concrete injury at the pleading stage....more