Cyber incidents have been growing at an exponential rate in recent years. A recent report from the Identity Theft Resource Center found that there were over one billion data breach victims in Q2 of 2024, which is around five...more
I was hanging out with my friend this weekend, both catching up on emails from a coffee shop. After a while, he turned to me. “Well sh*t. Looks like my social security number might be on the dark web.”...more
Frontier Communications (Frontier) faces three class action lawsuits in relation to a cyber data breach in which the criminal ransomware group, RansomHub, stole personally identifiable information (PII) of over 750,000...more
More than two months after the February 2024 Change Healthcare cyber-ransom attack, the healthcare industry continues to grapple with the fallout, creating significant challenges, disruptions, and outages to the healthcare...more
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently published an executive summary (Report) outlining key enforcement activities of the Health Insurance Portability and...more
Multi-employer plan participants involved in an Employee Retirement Income Security Act of 1974 (ERISA) class action lawsuit against Horizon Actuarial Services LLC (Horizon), a national retirement services firm, have entered...more
This post is part of a series of articles we are doing on 2023 data protection litigation trends. While the California Consumer Privacy Act (CCPA) is most known for its onerous privacy compliance obligations, the law also...more
In this episode of On Record PR, Gina Rubel goes on record with Aihong Yu, Chief Privacy Counsel of CDK Global, to discuss how embracing privacy and security measures…...more
When the regulator has decided to investigate your organisation following a data breach, the remit for the investigation will be wide-ranging and go beyond the narrow circumstances of the breach. Recent decisions shed useful...more
The security and confidentiality of a company’s data is paramount. As businesses grapple with the COVID-19 pandemic and the need for employees to work remotely, it is important to remain focused on ensuring the security and...more
We are living in the age of data and big data, where everyone wants to collect as much information as possible. The ability to analyze and monetize such information is a key strategy and selling point for many businesses. ...more
Over the past few months, businesses across the country have been focused on the California Consumer Privacy Act (CCPA) which dramatically expands privacy rights for California residents and provides a strong incentive for...more
California continues to lead on data privacy protection. Since the adoption of the California Consumer Privacy Act (CCPA), cracking down on data breaches and promoting consumer privacy has remained a priority in the state....more
Since the beginning of the year, industry leaders and counsel advising clients on data security issues have held their collective breath in anticipation of the tsunami of California Consumer Privacy Act (CCPA) lawsuits. The...more
The first post-California Consumer Privacy Act (CCPA) data breach class action was filed on February 3 in the Northern District of California. See Barnes v. Hanna Andersson, LLC , N.D. Cal., Case No. 20-cv-00812....more
On January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) went into effect. The CCPA applies to a wide range of companies and broadly governs the collection, use and sale of personal information of California...more
As of January 1, 2020, California became the first state to permit residents whose personal information is exposed in a data breach to seek statutory damages between $100-$750 per incident, even in the absence of any actual...more
In recent years, many states have been updating their data privacy laws to account for new technologies and security risks. On Oct. 23, 2019, a New York law on data breach notification requirements became effective. The Stop...more
Effective October 23, 2019 for changes in data breach notification requirements, and March 21, 2020 for new data security requirements, New York’s “Stop Hacks and Improve Electronic Data Security Act” (SHIELD Act) broadens...more
When the California Consumer Privacy Act (“CCPA”) takes effect in January 2020, California will become the first state to permit residents whose personal information is exposed in a data breach to seek statutory damages of...more
Addressing cybersecurity risks invariably involves very technical matters. As a result, in many companies the IT department has been responsible for developing and implementing cybersecurity plans and procedures....more
As security risks continue to be at the forefront of legislators’ agendas across the country, New York has joined the growing roster of states pressing businesses to develop more robust breach procedures. Originally proposed...more
Data security and privacy is a hot global topic right now. New laws that closely regulate data security practices seem to be popping up everywhere in order to account for all of the data people transmit electronically daily....more