AI tools often drive efficiency and save money, but they have drawbacks. Here’s what to know....more
More than two months after the February 2024 Change Healthcare cyber-ransom attack, the healthcare industry continues to grapple with the fallout, creating significant challenges, disruptions, and outages to the healthcare...more
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently published an executive summary (Report) outlining key enforcement activities of the Health Insurance Portability and...more
Multi-employer plan participants involved in an Employee Retirement Income Security Act of 1974 (ERISA) class action lawsuit against Horizon Actuarial Services LLC (Horizon), a national retirement services firm, have entered...more
As part of the Biden Administration’s efforts to align energy cybersecurity efforts across the country, the U.S. Department of Energy (“DOE”) has funded the release of a set of energy distribution cybersecurity baselines for...more
On February 28, 2024, President Biden issued Executive Order 14117 (the EO) on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern” that would...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
Over the past few months, businesses across the country have been focused on the California Consumer Privacy Act (CCPA) which dramatically expands privacy rights for California residents and provides a strong incentive for...more
California continues to lead on data privacy protection. Since the adoption of the California Consumer Privacy Act (CCPA), cracking down on data breaches and promoting consumer privacy has remained a priority in the state....more
Earlier this month, it was reported that the National Security Agency (NSA) discovered a serious security flaw in Microsoft Windows 10 cryptographic functionality, CVE-2020-0601.That security flaw could render trust...more
The SEC’s Office of Compliance Inspections and Examinations published a series of observations gleaned from thousands of exams over a period of years. While OCIE’s charge is the inspection of certain SEC registrants the...more
On January 16, the Commerce Department’s National Institute of Standards and Technology (NIST) released version 1.0 of its Privacy Framework: A Tool for Privacy Through Enterprise Risk Management. The product of a two-year...more
As of January 1, 2020, California became the first state to permit residents whose personal information is exposed in a data breach to seek statutory damages between $100-$750 per incident, even in the absence of any actual...more
New cybersecurity and data privacy laws will impose substantial new obligations on businesses that collect information about residents of those states. Regardless of their location or size, nonprofit organizations that...more
Amid increased public and government attention to cyber security, a qui tam plaintiff’s lawsuit has resulted a large settlement for a government contractors’ purported misrepresentations regarding compliance with government...more
Most compliance officers will admit that they have more than enough responsibilities in their purview. They are usually not looking for more. I have some bad or good news on this front depending on your perspective....more
Equifax to Pay up to $700 Million as Part of Settlement for 2017 Data Breach - Equifax has agreed to pay at least $575 million, and potentially up to $700 million, as part of a global settlement with the FTC, the CFPB, and...more
Did you know Americans lost nearly $150 million dollars to real estate internet scams last year? That makes real estate cyber crime a greater risk to Americans than identity theft ($100 million in losses) or credit card fraud...more
New law in New York State extends requirements on companies doing business with New York residents to have cybersecurity programs and expands New York’s breach notification requirements. New law extends the reach of New...more
Information is one of your company’s most valuable assets. It is critical to remain vigilant to protect against the latest cybersecurity threats and to comply with expansive privacy obligations. Join us in New York City for...more
No one knows for sure how many "things" are connected to the Internet, but the Federal Trade Commission reported last year that it was more than 8 billion, and that it would exceed 20 billion by the end of 2020! Astonishing...more
As data are quickly becoming significant corporate assets, lawyers need to help companies both maximize the value of their data and protect the business against any associated risks. This is particularly true in M&A...more
The rapid adoption of Industry 4.0 technologies leaves manufacturers with a choice: accelerate with the market or be left behind. According to a 2019 Global Market Insights, Inc. report, the market for artificial intelligence...more
This past Friday, March 1, 2019, marked the second anniversary and final effective date of the New York Department of Financial Services (DFS)’s cybersecurity regulation. Since its enactment, regulated institutions, subject...more
“Smart” devices have become common, if not pervasive, experiences of daily life. Parents may monitor a baby’s heart rate and oxygen levels through sensor enabled baby socks. Businesses may equip fleet drivers with smart...more