Medical Device Legal News with Sam Bernstein: Episode 10
Drafting Consumer Breach Notices — From a Litigation Perspective - Unauthorized Access Podcast
IP|Trend: Dust up After the Breach
Hot Topics Roundtable for Fund Managers - Cybersecurity, Valuation, and More
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
The Federal Trade Commission (FTC) continues to enforce and update its Health Breach Notification Rule (HBNR) amidst a fast-changing regulatory environment. A new rule, which took effect this week, expands the scope of the...more
As our loyal Practical Privacy readers may remember, back in December of 2021, the Federal Trade Commission (the “FTC” or “Commission”) began a rulemaking process to update the Commission’s Health Breach Notification Rule...more
On June 30, 2023, Mount Desert Island Hospital (“MDIH”) filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that an unauthorized party had gained...more
The FTC recently proposed amendments to the Health Breach Notification Rule (HBNR). This is on trend with its aggressive interest over the last couple of years in health data not covered by HIPAA....more
While the federal government attempts to move forward with a more uniform national law, Connecticut joined California, Colorado, Utah, and Virginia in passing a comprehensive consumer privacy law....more
The New York Department of Financial Service recently clarified security incident notification requirements and the use of multi-factor authentication. On its FAQ page, the NYDFS added two new questions and answers for...more
On September 15, 2021, the Federal Trade Commission (FTC) voted 3–2 along party lines (with Republican commissioners dissenting) to issue a policy statement announcing an expansive interpretation of the FTC’s Health Breach...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - NIST Director Discusses Future Development of Cybersecurity Framework - On March 4, the director of the National Institute of Standards and Technology...more
Effective April 11, 2019, new amendments to Massachusetts’s Data Breach Notification Act go into effect. The amendments impose additional requirements on covered companies that sustain a data breach involving personal data of...more
Data breaches continue to be an unfortunate risk that companies face with increasing frequency. In this podcast, Rebecca Bennett, Stephen Riga, and Justin Tarka discuss data breaches from both a U.S. and EU perspective,...more
An enhanced resource for analysis of data breach notification laws for all 50 states is now just a click away. BakerHostetler combined two of its state breach notification law resources (a summary of the laws and a guide to...more
Recently, a new bill was signed by Colorado Governor John Hickenlooper, creating far reaching new requirements for entities that collect or maintain personal identifying information of Colorado residents. These requirements,...more
On May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) took effect. Although EU laws typically don’t have a worldwide impact, the GDPR will impact business across the globe. The GDPR has an extremely...more
With the recent enactment of data breach notification laws in South Dakota and Alabama, all 50 US states now have laws regulating data breach notification. We’ve updated the Mintz Matrix (maintained by the Mintz Privacy Team...more
Senators Introduce Bipartisan Internet Privacy Bill - Sens. Amy Klobuchar (D-Minn.) and John Kennedy (R-La.) on Tuesday introduced a bipartisan internet privacy bill intended to give users more control over what websites...more
Alabama has joined the “crazy quilt” of state data breach notification laws with the governor’s signature of the Alabama Data Breach Notification Act of 2018. Things to take note of under the Alabama law...more
On Wednesday, March 28, 2018, the Alabama Data Breach Notification Act of 2018 (SB318) was signed into law by the Governor, making Alabama round out the roster of 50 states with data breach notification laws. (South Dakota’s...more
One of two remaining states without a data breach notification law has finally enacted one of its own. On March 21, 2018, South Dakota Governor Dennis Daugaard signed South Dakota Senate Bill 62 into law, creating the newest...more
On August 17, 2017, Delaware Governor John Carney signed into law HB 180, completing an update to a nearly 12-year old breach notification statute that had little teeth, and no enforcement. The new law, which applies to “Any...more
On January 25, 2018, the South Dakota Senate approved the state’s first data breach notification law. If passed, the law would leave Alabama as the only U.S. state without a notification law. The proposed law will now move to...more
As we near the end of a year that has seen more than its share of massive data breaches, two bills have been introduced (one re-introduced) in the U.S. Senate....more
Primarily motivated by the several recent massive data breaches, Senate Democrats recently introduced a bill geared toward protecting Americans’ personal information against cyber attacks and to ensure timely notification and...more
The recent Equifax breach data and public missteps in handling the breach has companies revisiting their cybersecurity measures and refreshing their breach response plans. Although not every company has consumer data likely...more
Tim Toohey was quoted in Allison Grande’s article that ran in Law360 on October 6, 2017, discussing the Equifax data breach and the congressional hearings in both the Senate and House following the breach. The hearings have...more