On December 20, 2000, in his statement regarding the signing of the National Moment of Remembrance Act, President Clinton said: “While these heroes should be honored every day for their profound contribution to securing our Nation’s freedom, they and their families should be especially honored on Memorial Day. The observance of a National Moment of… Continue Reading
Monthly Archives: May 2014
My company isn’t a search engine. Why should I care about Google Spain?
Posted in Data Breach, Data Compliance & Security, EU Data Protection Regulation, European Court of Justice, European Union, Legislation, Privacy Litigation, Privacy RegulationWritten by Susan Foster, Solicitor England & Wales/Admitted in California (LONDON) Google – along with the rest of us – is still considering the implications of the European Court of Justice’s May 13, 2014 decision that Google must remove links to a newspaper article containing properly published information about a Spanish individual on the basis… Continue Reading
How Online Advertisers May Steal Your Personal Information: Recommendations for Protecting Consumers
Posted in Cybersecurity, Online Advertising, SecurityWritten by Adam Veness The United States Senate Permanent Subcommittee on Investigations recently released a report outlining six findings concerning online advertising risks to consumers’ personal information and four recommendations on how to protect consumers from these hidden hazards. FINDINGS 1) Consumers risk exposure to malware through everyday activity. Consumers can incur malware attacks by… Continue Reading
Record $4.8 Million HIPAA Fine Assessed
Posted in Data Breach Notification, HIPAA/HITECHIn the largest Health Insurance Portability and Accountability Act (HIPAA) settlement to date, two New York hospitals have agreed to pay $4.8 million to settle allegations that they failed to secure thousands of patients’ electronic protected health information (ePHI) held on their shared network. Our sister blog, Health Law Policy Matters, provides an analysis of the incidents and… Continue Reading
Privacy Monday – May 19, 2014 – Lessons Learned from Facebook
Posted in Privacy MondayPromises to Keep: Lessons Learned from Facebook’s Recent Acquisitions of WhatsApp and Moves Written by Jake Romero, CIPP/US Mergers are never simple, but the acquisition of consumer products and technology requires the purchasing entity to consider a number of questions and issues beyond the standard concerns related to executive pay, corporate valuations and per share… Continue Reading
“Selfie” Assessment – 4 Key Lessons from Snapchat’s Settlement with the FTC
Posted in Data Breach, Federal Trade Commission, Privacy RegulationWritten by Jake Romero, CIPP/US As a country we are quickly approaching a time in which most adults will be disqualified from being elected to public office because of something they posted on their social media account while growing up. Against this backdrop of over-sharing, Snapchat, Inc. won over the hearts of its users with… Continue Reading
Privacy Monday – May 12, 2014
Posted in Data Breach, Data Breach Notification, Data Compliance & Security, Privacy Monday, Privacy RegulationAnother busy week in the privacy/security world. We have some bits and bytes to start your week: Verizon 2014 Data Breach Investigation Report – Something Old, Something New Verizon is out with its 2014 edition of the comprehensive Data Breach Investigation Report (DBIR). You can get your copy here for your reading pleasure — or… Continue Reading
Cyber Risks for the Boardroom Part 5: Coverage for Privacy Violations
Posted in Cybersecurity, Insurance, Privacy LitigationThe last installment in our series – “Coverage for Privacy Violations” Written by Heidi Lawson and Danny Harary Part 5 of 5: Coverage For Privacy Violations As we previously noted, recent SEC actions on the topic of cybersecurity indicates increased SEC focus and likely heralds the coming of enforcement actions against public companies for cyber… Continue Reading
Cyber Risks for the Boardroom Part 4: Coverage for Investigations
Posted in Cyber Risks Boardroom Series, Cybersecurity, InsurancePart 4 in our continuing series: “Cyber Risks – Director Liability and Potential Gaps in D&O Coverage”: Coverage For Investigations Written by Heidi Lawson and Danny Harary One of the biggest gaps in coverage in D&O coverage today is the lack of meaningful coverage for investigations. Although at first glance the policy language may look… Continue Reading
Cyber Risks for the Boardroom Part 3: Top Questions Directors Should be Asking about D&O Coverage
Posted in Cyber Risks Boardroom Series, Cybersecurity, InsuranceOur series “Cyber Risks – Director Liability and Potential Gaps in D&O Coverage” continues – Part 3 of 5: Top Questions Directors Should Be Asking About D&O Coverage Written by Heidi Lawson and Danny Harary Directors never want to be in the unenviable position of having to seek coverage under their D&O policy. Nevertheless the… Continue Reading
Cyber Risks for the Boardroom Part 2: Why Corporate Directors Should be Concerned About Data Security Breaches
Posted in Cyber Risks Boardroom Series, Cybersecurity, Data Breach, InsuranceAll this week, we are featuring a series “Cyber Risks – Director Liability and Potential Gaps in D&O Coverage” Part 2 of 5: Why Directors Should Be Concerned Written by Heidi Lawson and Danny Harary A data breach is not a unitary or self-contained event. The fallout from a breach could impact the directors as… Continue Reading
SEC Cybersecurity Initiative: Five Steps ALL Broker-Dealers and Investment Advisers Should be Taking
Posted in Cybersecurity, Privacy Regulation, SecurityOriginally posted on the Mintz Levin Securities Litigation Matters blog Written by Bret Leone-Quick, Cynthia Larose, CIPP, Chip Phinney and Joel Rothman Last week, the U.S. Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) released a Risk Alert announcing its Cybersecurity Initiative. What does this mean to broker-dealers and investment advisers and, even… Continue Reading
Cyber Risks for the Boardroom Part 1: The Recent Increase in Focus on Privacy Issues
Posted in Cyber Risks Boardroom Series, CybersecurityEach day this week, we are going to explore some of the issues in the rapidly growing area of cyberliability. We will examine the recent increase in focus on privacy issues, why directors should be concerned, the top questions directors should ask when it comes to coverage for cyber investigations, and what kind of cover… Continue Reading
Privacy Monday: Cinco de Mayo, 2014
Posted in Cybersecurity, Data Breach, Privacy MondayHappy Cinco de Mayo! Breaking news this Privacy Monday: The fallout from the massive Target Corporation data breach continues. This morning, the Target board announced that Chief Executive Officer Gregg Steinhafel has resigned effective immediately. The company has appointed Chief Financial Officer John Mulligan as interim president and chief executive. Steinhafel spent 35 years with… Continue Reading
Regulators Speak at IAPP Breakfast Meeting in NYC
Posted in Cybersecurity, Data Breach, Data Compliance & Security, Federal Trade CommissionWritten by Andowah Newton Some important takeaways to start your weekend: Data Breach Incidents—Especially “Ransom” Incidents, are on the Rise—One panelist observed that the New York State Attorney General’s Office received reports of approximately 900 data breach incidents during the past year alone. There has been a significant increase in reports of “ransom” incidents, in… Continue Reading
Coming Monday – A new series that you won’t want to miss!
Posted in CybersecurityA new series for Privacy & Security Matters starting on Monday : “Cyber Risks – Director Liability and Potential Gaps in D&O Coverage” – By Heidi Lawson and Danny Harary C-suite executives and board members are becoming more concerned about the risks posed to their companies by cyberattacks and data breaches. Each day next week… Continue Reading
The latest thinking from Europe (while we are waiting for the Regulation)
Posted in Data Compliance & Security, European Union, Privacy RegulationWritten by Susan Foster, Solicitor England & Wales/Admitted in California (LONDON) Privacy practitioners from the US and Europe gathered in London on April 30 and May 1 to discuss current thinking about privacy policy, regulation and compliance at the IAPP’s European Data Protection Intensive conference. In the background to the current discussions, of course, we… Continue Reading
Minnesota Proposes Expansive Amendment to Data Breach Notification Law
Posted in Data Breach, Data Breach Notification, LegislationTwo days ago, we heard that Target Corporation has brought in an information security heavy hitter to oversee the company’s post-breach data security and technology operations. Now we learn that its home base of operations, Minnesota, is the latest state to propose a legislative reaction to the Target data breach. The Minnesota legislature has introduced an… Continue Reading
