In recent years, data breaches have escalated from isolated technical issues to significant legal battles. Businesses are witnessing a sharp rise in data breach lawsuits, underscoring the growing legal risks associated with...more
Over the past few months, businesses across the country have been focused on the California Consumer Privacy Act (CCPA) which dramatically expands privacy rights for California residents and provides a strong incentive for...more
California continues to lead on data privacy protection. Since the adoption of the California Consumer Privacy Act (CCPA), cracking down on data breaches and promoting consumer privacy has remained a priority in the state....more
New cybersecurity and data privacy laws will impose substantial new obligations on businesses that collect information about residents of those states. Regardless of their location or size, nonprofit organizations that...more
New law in New York State extends requirements on companies doing business with New York residents to have cybersecurity programs and expands New York’s breach notification requirements. New law extends the reach of New...more
As data are quickly becoming significant corporate assets, lawyers need to help companies both maximize the value of their data and protect the business against any associated risks. This is particularly true in M&A...more
As a result of ongoing efforts under the Cybersecurity Act of 2015, the Department of Health and Human Services (HHS) has partnered with public and private sector entities to develop guidance for healthcare entities seeking...more
On September 26, 2018, the United States Securities and Exchange Commission (“SEC”) announced a $1 million settlement with an Iowa-based broker-dealer over allegations that it maintained deficient cybersecurity policies and...more
On February 21, 2018, the Securities and Exchange Commission issued an interpretive release1 providing important guidance to certain registrants on cybersecurity disclosure. Coming on the heels of dozens of high-profile...more
The receipt, storage, and handling of sensitive shipper data occurs, often frequently and in real-time, alongside the flow of goods. Commercial shippers are well aware of the supply chain security risk to the materials and...more
The news regularly reports on data breaches and cybersecurity. While we read about the biggest breaches – Home Depot, Target, Anthem, JP Morgan, Wyndham – probably every business has been hacked and will be hacked again. ...more
To say that mobile device usage has reached a tipping point would be an understatement. There are now more mobile devices than people in the world, a staggering 7.9 billion mobile devices for 7.4 billion people on Earth. In...more
After a long delay, with a vote of 74 to 21, the United States Senate passed the Cybersecurity Information Sharing Act (CISA) on October 27, 2015. The bill has been touted as being controversial and is opposed by...more
Lawyers and compliance professionals constantly tout the importance of internal information security policies, particularly in light of data privacy problems that are reported almost daily in the media. Admittedly, drafting...more
The latest major health insurance data breach of 2015 reported by Excellus BlueCross BlueShield is considered one of the top 20 worst reported breaches of a healthcare organization. The attack affected about 7 million...more
In a much anticipated decision, the Third Circuit Court of Appeals affirmed the authority of the Federal Trade Commission (FTC) to enforce actions against companies who have been subject to a data breach. The FTC sued...more
The title, of course, begs the question: does your business even have an Information Governance Program? If not, you should get one—quick. An integrated Information Governance Program is considered a “best practice” to...more
An annual audit conducted by the U.S. Government Accountability Office of the Fiscal Service Bureau, identified (9) nine new information security weaknesses in the U.S. Treasury Department’s information systems that are used...more
On June 30, the Federal Trade Commission (FTC) issued its first guidance document as part of its Start with Security initiative. The initiative, announced by FTC Consumer Protection Director Jessica Rich in March, will...more