Clik here to view.
Top 10 for 2017 – Happy Data Privacy Day
In honor of Data Privacy Day, we provide the following “Top 10 for 2017.” While the list is by no means exhaustive, it does provide some hot topics for organizations to consider in 2017. 1. Phishing...
View ArticleClik here to view.
Virginia Responds to W-2 Phishing Scams with First of Its Kind Notification...
As previously highlighted, in early February, the IRS issued a warning to all employers regarding the resurgence of a W-2 based cyber scam. Since the IRS warning, this type of scam has taken numerous...
View ArticleClik here to view.
New Mexico Enacts Data Breach Notification Act
On April 6, 2017, New Mexico Governor Susana Martinez signed HB 15, making New Mexico the 48th state to enact a data breach notification law. The law has an effective date of June 16, 2017 and follows...
View ArticleSix Tips to Consider in Hiring Privacy and Data Security Experts
Facing increasingly pervasive issues relating to privacy and data security companies are faced with what qualifications they should think about when looking to hire experts in these areas, and their...
View ArticleStrengthening Data Security Through Human Resources and Information...
Human Resources (“HR”) and information technology (“IT”) departments play unique and important roles within an organization. With instances of data breaches on the rise, however, companies should be...
View ArticleClik here to view.
An Ounce of Data Breach Prevention…Address Attorney-Client Privilege in Your...
Data breach “horror” stories have become a new staple in today’s business environment. The frequency of attacks which threaten (or compromise) the security of business networks and information systems...
View ArticleClik here to view.
2-Year Statute of Limitations Applies to HIV Patient’s Privacy Suit
A New Jersey appeals court recently ruled that a two-year statute of limitations applies to a claim by an HIV-positive patient asserting one of his doctors improperly disclosed his medical status to a...
View ArticleClik here to view.
Delaware: The Latest State to Amend its Data Breach Notification Law
Delaware joins the growing number of states that recently amended their data breach notification law. On August 17th, Delaware amended its data breach notification law with House Bill 180, the first...
View ArticleEnhanced HHS HIPAA Breach Reporting Tool May Aid Health Care Industry Data...
Secretary Tom Price of the U.S. Department of Health and Human Services (HHS) announced his agency needs “to focus more on the most recent breaches and clarify when entities have taken action to...
View ArticleAnd Now, in Recent New York Cybersecurity Action…
New York State Governor Andrew Cuomo and the New York State Department of Financial Services (“DFS”) have been busy on the cybersecurity front. In a press release on September 18, 2017, building upon...
View ArticleClik here to view.
New York AG Announces SHIELD Act
On November 2nd, New York Attorney General Eric T. Schneiderman announced his proposal of the SHIELD Act – Stop Hacks and Improve Electronic Data Security Act – a bill that would heighten data security...
View ArticleClik here to view.
SCOTUS Will Not Review CFAA Password Sharing Case
The United State Supreme Court recently denied certiorari in Nosal v. United States, 16-1344, declining to weigh in on the scope of unauthorized access under the Computer Fraud and Abuse Act (“CFAA”)....
View ArticleSenate Bill Introduced to Protect Personally Identifiable Information
Primarily motivated by several recent massive data breaches, Senate Democrats recently introduced a bill geared toward protecting Americans’ personal information against cyber attacks and to ensure...
View ArticleSouth Dakota May Become 49th State to Pass a Data Breach Notification Law
Only two states in the United States lack data breach notification statutes, but that may change in 2018. If legislation pending in South Dakota passes, Alabama would be the only state without a data...
View ArticleClik here to view.
NIST Releases Updated Version of Its Cybersecurity Framework
On April 17th, the National Institute of Standards and Technology (“NIST”), a component of the U.S. Commerce Department, released Version 1.1 of the Framework for Improving Critical Infrastructure...
View ArticleVague FTC Order Addressing Data Security Struck Down by Federal Appellate Court
In a significant ruling that calls into question the Federal Trade Commission’s (“FTC”) authority to regulate a private company’s data security program, a federal appellate court of appeals ruled that...
View ArticleClik here to view.
California Consumer Privacy Act Amendment Signed Into Law
On September 23, 2018, Governor Jerry Brown signed into law SB-1121 amending certain provisions of the California Consumer Privacy Act of 2018 (CCPA) which was enacted in June of this year. As we...
View ArticleClik here to view.
Privacy and Cybersecurity Issues to Watch in 2019
Privacy and cybersecurity risks continue to emerge for organizations large and small. While by no means exhaustive, we briefly discuss some key issues that organizations may need to focus on in 2019...
View ArticleClik here to view.
Updates to Massachusetts Breach Notification Law – Much More Than Mandatory...
Observers of the recent changes in the Massachusetts data breach notification law likely will focus on the addition of the obligation to provide 18 months of credit monitoring following a breach...
View ArticleClik here to view.
Actual Harm Not Required to Sue Under Illinois Biometric Information Privacy Law
Earlier today, the Illinois Supreme Court handed down a significant decision concerning the ability of individuals to bring suit under the Illinois Biometric Information Privacy Act (BIPA). In short,...
View Article