The Federal Trade Commission (FTC) accepted a proposed consent agreement earlier this week that includes payment of $500,000 for consumer redress from CafePress, an online platform allowing consumers to purchase customized...more
On February 22, 2022, U.S. Department of Homeland Security Secretary Alejandro Mayorkas warned critical infrastructure organizations located in the United States of possible cyberattacks by Russian state-sponsored actors in...more
The European Commission adopted new versions of the Standard Contractual Clauses (SCCs) on June 4, 2021. The new SCCs finally replace the original SCCs adopted under the 1998 European Data Protection Directive (DPD) and did...more
7/6/2021
/ Corporate Counsel ,
Cybersecurity ,
Data Protection ,
EU ,
European Commission ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK Data Protection Act
On June 2, 2021, Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology, published a rare open letter to the corporate executives and business leaders of...more
6/14/2021
/ Corporate Executives ,
Cybersecurity ,
Department of Justice (DOJ) ,
Economic Sanctions ,
Embargo ,
Executive Orders ,
Hackers ,
International Emergency Economic Powers Act (IEEPA) ,
Joe Biden ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Ransomware ,
TWEA
On October 28, 2020, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of Health and Human Services (HHS) issued a joint warning that they...more
10/30/2020
/ Coronavirus/COVID-19 ,
Cyber Crimes ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Health and Human Services (HHS) ,
FBI ,
Germany ,
Health Care Providers ,
Hospitals ,
New Guidance ,
Pennsylvania ,
Ransomware
As industry continues to adapt to the evolving realities of shelter-in-place orders, companies face challenges in supporting an unprecedented remote workforce while balancing compliance with a variety of regulatory agencies....more
5/4/2020
/ CARES Act ,
Centers for Disease Control and Prevention (CDC) ,
Centers for Medicare & Medicaid Services (CMS) ,
Consumer Financial Protection Bureau (CFPB) ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
OCR ,
Popular ,
Safe Harbors ,
World Health Organization
As industry continues to adapt to the evolving realities of shelter-in-place orders, companies face challenges in supporting an unprecedented remote workforce while balancing compliance with a variety of regulatory agencies....more
4/9/2020
/ Business Interruption ,
California Consumer Privacy Act (CCPA) ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Regulatory Standards ,
Remote Working ,
Small Business ,
State of Emergency
...On June 28, 2018, California passed AB 375, the California Consumer Privacy Act of 2018 (CCPA), which will become effective January 1, 2020. Introduced just a week earlier in an effort to defeat a much stricter...more
7/3/2018
/ Consumer Protection Laws ,
Cybersecurity ,
Data Collection ,
General Data Protection Regulation (GDPR) ,
Governor Brown ,
New Legislation ,
Notice Requirements ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Portability ,
Right to Be Forgotten ,
State and Local Government
The data breach at the U.S. Office of Personnel Management was one of the most serious and possibly one of the top ten largest data breaches of the 21st century, compromising background investigation records for some 22...more
12/5/2017
/ Article III ,
Clapper v. Amnesty International ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Debit and Credit Card Transactions ,
FISA ,
Identity Theft ,
Office of Personnel Management (OPM) ,
Personally Identifiable Information ,
Retailers
Businesses have been scrambling since Friday evening when news spread that a ransomware attack named WannaCry is compromising organizations at an alarming rate. In less than 48 hours, it has compromised more than 130,000...more
As a life sciences or medical device company, it is mission critical to protect lab books, drug and clinical test data, product formulas and production processes that underlie your patents, trade secrets and know-how from...more
4/4/2017
/ Biotechnology ,
Confidential Information ,
Corporate Officers ,
Cybersecurity ,
Data Breach Plans ,
Federal Trade Commission (FTC) ,
Food and Drug Administration (FDA) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Incident Response Plans ,
Intellectual Property Protection ,
Life Sciences ,
Medical Devices ,
Non-Disclosure Agreement ,
Pharmaceutical Industry ,
Policies and Procedures ,
Popular ,
Trade Secrets
Highlights Areas of High Risk and Examination Priorities for Financial Industry Firms -
On September 15, the U.S. Securities and Exchange Commission’s (SEC’s) Office of Compliance, Inspections and Examinations (OCIE),...more
10/8/2015
/ Broker-Dealer ,
Cease and Desist Orders ,
Corporate Governance ,
Cyber Crimes ,
Cyber Incident Reporting ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Breach Plans ,
Data Loss Prevention ,
Data Privacy ,
Data Protection ,
Data Security ,
Encryption ,
Enforcement Actions ,
Hackers ,
Identity Theft ,
Neither Admit Nor Deny Settlements ,
OCIE ,
Personally Identifiable Information ,
Policies and Procedures ,
Registered Investment Advisors ,
Risk Alert ,
Sanctions ,
SEC Examination Priorities ,
Securities and Exchange Commission (SEC) ,
Security Risk Assessments ,
Training ,
Unauthorized Access ,
Vendors