With the onslaught of new privacy, AI and cyber legislation coupled with promises for enforcement and class action litigation, running a well-functioning and flexible privacy and cyber program is increasingly a critical...more
In recent years, data breaches have escalated from isolated technical issues to significant legal battles. Businesses are witnessing a sharp rise in data breach lawsuits, underscoring the growing legal risks associated with...more
More than two months after the February 2024 Change Healthcare cyber-ransom attack, the healthcare industry continues to grapple with the fallout, creating significant challenges, disruptions, and outages to the healthcare...more
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently published an executive summary (Report) outlining key enforcement activities of the Health Insurance Portability and...more
The security and confidentiality of a company’s data is paramount. As businesses grapple with the COVID-19 pandemic and the need for employees to work remotely, it is important to remain focused on ensuring the security and...more
We are living in the age of data and big data, where everyone wants to collect as much information as possible. The ability to analyze and monetize such information is a key strategy and selling point for many businesses. ...more
On January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) went into effect. The CCPA applies to a wide range of companies and broadly governs the collection, use and sale of personal information of California...more
When the California Consumer Privacy Act (“CCPA”) takes effect in January 2020, California will become the first state to permit residents whose personal information is exposed in a data breach to seek statutory damages of...more
Data security and privacy is a hot global topic right now. New laws that closely regulate data security practices seem to be popping up everywhere in order to account for all of the data people transmit electronically daily....more
In June 2018, California enacted one of the most comprehensive privacy laws in the country, the California Consumer Privacy Act of 2018 (the “CCPA”). Although the CCPA will not go into effect until January 1, 2020, businesses...more
Ninth hearing on Competition and Consumer Protection in the 21st century highlights challenges of addressing persistent threats to data security. On December 11 and 12, the Federal Trade Commission (the FTC or the...more
The best way for a company to handle a data breach is to be prepared. As we discuss in our data breach readiness handbook, preparation includes, among other things, drafting an incident response plan, reviewing...more
Just when you thought the hazards of cyberfraud couldn’t get worse, the SEC recently issued a Report of Investigation (more on that later) stating that nine recent corporate victims of cyberfraud may have compounded their...more
In the age of the data breach, lawyers and law firms have a lot in common with comic book superheroes: they are locked in a relentless battle against a cunning, ever-changing threat. This past week, Foley & Lardner...more
About twelve years ago, when most people had never heard the term “data breach”, a colleague asked me what type of law I practiced. I tried to explain that I helped companies collect, secure, and share data, and, when data...more
Nossaman LLP and University of California, Irvine School of Law invite you to join us for "Cybersecurity, Data Breach, and Privacy: A Real World Perspective on Prevention, Response and the Future." This complimentary...more
HHS OCR issues checklist, iterative guidance in wake of WannaCry and Petya attacks; Anthem breach settlement provides additional lessons. Key Points: ..Healthcare organizations are particularly vulnerable to ransomware...more
Hacking of organisations’ systems is becoming increasingly commonplace, even with advancements in security practices. To mitigate risk, a company must have an enterprise-level, cross-functional incident response plan that is...more
Fortune.com reported that according to an International Data Corporation (IDC) forecast, by 2020, spending on security-related hardware, software, and services will eclipse $100 billion. However, consulting company NTT Com...more
Customer data can be a treasure trove for an organization. Many businesses believe customer and prospect data to be their most valuable asset. Unfortunately, some have discovered that, unless handled with care, it can also...more
The news regularly reports on data breaches and cybersecurity. While we read about the biggest breaches – Home Depot, Target, Anthem, JP Morgan, Wyndham – probably every business has been hacked and will be hacked again. ...more
On December 23, 2015, Hyatt Hotels (Hyatt) reported that it was investigating cyberattacks that caused data breaches at its properties from August 13 to December 8, 2015. The investigation has revealed that hackers infected...more
In this issue: - Navigating Public Company Cybersecurity Obligations: Advising Boards and Disclosing to Investors - FTC Updates School-Related COPPA Guidance - Status Update on the EU Data Protection...more
. . . a data breach class action. Hackers and plaintiffs’ lawyers could combine to make 2014 the year when class actions concerning theft of sensitive information proliferate. On this 11th Day of Privacy, we look...more