News & Analysis as of

Risk Assessment Data Breach

Bay Area Conference Sheds Light on Emerging Cyber Insurance Considerations

On October 11, 2017, the National Association of Insurance Commissioners and the Stanford Cyber Initiative held a joint conference on various topics related to cyber insurance. Below are key takeaways and hot topics discussed...more

Cybersecurity Myths Debunked

by Foley & Lardner LLP on

Security incidents, loss of customer data, exposure of confidential corporate assets, demands of ransom, and similar stories are becoming daily headlines with the impacts being felt across a wide variety of industries. We...more

The Mummy’s Hand and a Risk-Based Approach at the Board Level

by Thomas Fox on

Today we consider the 1940’s film, The Mummy’s Hand as the second installment in Universal Pictures series featuring this creature. Boris Karloff departed the role and it was taken over for one film by Tom Tyler, who was...more

The Data Report Episode 14: Zero Day

by Bilzin Sumberg on

Module Four: When It All Goes Wrong (Part III) Once a data breach is discovered there is a limited amount of time to begin assessing, addressing, and eliminating the problem. In this episode of The Data Report, Litigation...more

Give Your Customers the Gift of Security

by Perkins Coie on

2017 has reminded us that data security threats continue to evolve and that the stakes for companies can be very high if their data security programs fail to evolve as well. Before the recent announcement of Equifax’s...more

Mitigating Third Party Data Breach Risks

by Reed Smith on

Increasingly, organizations look to third parties to collect, process, and store their data. In some instances, organizations reduce their net risk by outsourcing these data functions to companies with a core competence in...more

Avoiding Management Struggles When it Comes to Data Breaches: Part 6

by Bryan Cave on

The best way for a company to handle a data breach is to be prepared. As we discuss in our data breach readiness handbook, preparation includes, among other things, drafting an incident response plan, reviewing...more

Recent Events Increase the Importance of HIPAA Risk Analyses and HIPAA Policies

Recent events highlight the fact that threats to customer and patient data continue to increase. In recent months, government agencies, news outlets, and others have spent considerable time investigating and reporting on...more

Developments in New York and Colorado Cybersecurity Regulations

by Wilson Elser on

New York - For the first time since New York’s Cybersecurity Regulation (23 NYCRR Part 500) became effective on March 1, 2017, the Department of Financial Services (DFS) has issued Frequently Asked Questions to assist...more

Avoiding Management Struggles When it Comes to Data Breaches: Part 3

by Bryan Cave on

The best way for a company to handle a data breach is to be prepared. As we discuss in our data breach readiness handbook, preparation includes, among other things, drafting an incident response plan, reviewing...more

Yet another Target settlement highlights data breach costs

by Thompson Coburn LLP on

In what appears to be the closing act of the saga that is the Target data breach, on May 23 the retailer announced it had reached a settlement agreement with a coalition of 47 states’ attorneys general. Pursuant to the...more

China Cybersecurity Law: Seven Key Points to Ensure You are Compliance Ready for its Launch on 1 June 2017

by Dechert LLP on

China’s Cybersecurity Law comes into force on 1 June 2017. It is a significant piece of legislation impacting all companies operating a network in China. It covers a wide range of activities relating to the cyberspace,...more

Colorado’s Proposed Cybersecurity Rules for Investment Advisers and Broker-Dealers

by Snell & Wilmer on

Colorado has new proposed rules that add cybersecurity requirements for certain entities with Colorado securities licenses. The proposed rules are from the regulatory agency the Division of Securities. It licenses securities...more

Protection of Vendor Report and Documents as Work Product is Big Win for Experian

When assisting clients with emergency data breach response, and preparing and implementing a data privacy and security plan, it often becomes efficient, cost effective and necessary to hire outside vendors to assist with...more

Q: Could You Be Dragged Into Court For A Company Data Breach? A: It Depends

by Fisher Phillips on

This same time last year, many in the business community were eagerly anticipating the U.S. Supreme Court’s ruling in Spokeo, Inc. v. Robins, which was to decide the standard that should be applied to determine whether...more

OCR Settlement Lessons - Failing to Perform an Electronic Access Risk Analysis Before an Unauthorized Access Occurs

by Ruder Ware on

Failure to conduct a risk assessment before a hacking incident occurred resulted in a $400,000 settlement between the Office of Civil Rights (OCR) and a Federally Qualified Health Clinic (FQHC). The FQHC filed a breach...more

Lessons from OCR HIPAA Settlements - Mobile Device Security Standards

by Ruder Ware on

In the first known case involving a wireless provider, a cardiology service provider agreed to pay a $2.5 million settlement based on the impermissible disclosure of unsecured electronic protected health information (ePHI)....more

Two HIPAA Mistakes Lead to Fines from OCR

It was a busy April for the Office for Civil Rights (“OCR”) (see our prior post on a settlement from earlier in April). On April 20, OCR announced a Resolution Agreement with Center for Children’s Digestive Health, S.C....more

[Webinar] What Attorneys Need to Know About Cybersecurity and Data Privacy in 2017 - May 31st, 10:00am PT

by CloudNine on

You’ve heard the horror stories. Data breaches are happening within organizations at an alarming rate, and sensitive data is being compromised regularly. As an attorney, what can you do to protect yourself, your firm and your...more

Healthcare Advisory: HHS Announces First Settlement with a Wireless Health Services Provider

by Sherman & Howard L.L.C. on

On April 24, 2017, the Department of Health and Human Services, Office of Civil Rights (“OCR”), announced its first settlement with a wireless health services provider, CardioNet, Inc., for alleged violations of the Health...more

N.Y.’s New Cybersecurity Regulations: What Financial Services Companies Need to Know

With corporate data security breaches on the rise, the New York State Department of Financial Services (NYDFS) has adopted rules requiring financial institutions to take certain measures to safeguard their data and inform...more

Cybersecurity: Yes, They Will Hack Your Car

by Foley & Lardner LLP on

Auto manufacturers are increasingly equipping vehicles with rapidly advancing technologies, raising concerns regarding how the public will be affected by these changes. Manufacturers are beginning to implement automated...more

Cybersecurity: 2017 Report & 2016 Reflections - What Businesses and Boards Need to Know

by Bennett Jones LLP on

In 2016, cybersecurity continued to grow as a primary business risk for companies worldwide. Data breaches continued to escalate both in number and magnitude and the landscape of legal and regulatory liability evolved and...more

OCR settles with MAPFRE for $2.2 Million

MAPFRE Life Assurance Company of Puerto Rico learned the hard way about the risk of loss of patient information with portable devices like USBs, even when they are stored in the IT Department....more

What Did They Say About Cybersecurity in 2016? 8 Proclamations from Regulators and the Courts

by Orrick - Trust Anchor on

There is no such thing as compliance with the NIST Cybersecurity Framework (FTC). In September, the FTC dispelled a commonly held misconception regarding the NIST Framework: It “is not, and isn’t intended to be, a standard or...more

130 Results
|
View per page
Page: of 6
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.