Digital Planning Podcast - Interview With Leeza Garber
Compliance into the Weeds-Episode 39, Disclosure of Ransomware Attacks
Your Cyber Minute: Compliance with the Proposed NYDFS Cybersecurity Regulation
Safeguards against Data Security Breaches (Part One)
New York’s Cybersecurity Regulation continues its phased roll-out on November 1, when licensed financial services companies face a host of new requirements aimed at bolstering breach readiness and improving their ability to...more
The FTC has reached a settlement with Residual Pumpkin Entity, LLC and PlanetArt, LLC—the former and current owners of online merchandise platform CafePress (collectively, “CafePress”)—to resolve allegations that CafePress...more
On October 27, 2021 the FTC issued a final rule (the “Final Rule”) amending 16 CFR Part 134, Standards for Safeguarding Customer Information (“Safeguards Rule”), after a period of notice and comment. While the existing...more
In our first article to kick off Cybersecurity Awareness Month, we will discuss some steps businesses can take to improve their cyber hygiene. Over the past few years, some of the largest and well-known companies have been...more
The COVID-19 pandemic has caused many employers now operating remotely to conduct meetings via video conference – which has created a whole new set of various privacy and cybersecurity concerns. While these remote work tools...more
Many workers and employers are adjusting to remote working as a result of the COVID-19 pandemic. That shift has created a unique opportunity for cyber-attackers and criminals – the European Union Agency for Cybersecurity has...more
SDNY Rejects Standing under “Increased Risk” Theory Where Data Not Targeted or Stolen - The Southern District of New York rejected a settlement that would have resolved a class action based on the unauthorized (and...more
James Grago has a nice business going. He runs a website called ClixSense.com that permits users to earn money by completing surveys and watching advertisements. Revenues grew from $6.7 million in 2015 to $9.1 million in...more
In late 2018 the U.S. District Court of New Jersey indicted two Iranian men for allegedly running a hacking scheme that hit local and state governments as well as transportation agencies and hospitals across the U.S. The...more
We are living in a rapidly changing world (trite, I know) where companies have to focus on data privacy and security for a variety of reasons. Consumers and constituents are concerned about the safety and privacy of personal...more
In April 2018, Verizon released the 11th edition of its Data Breach Investigations Report. As usual, the Verizon DBIR contained interesting data points culled from more than 53,000 incidents and 2,216 confirmed data breaches....more
The Ponemon Institute has released a recent report concluding, among other things, that the cost to a company suffering a data breach in the U.S. has risen eight percent year-on-year from 2017. The total cost of the average...more
All lawyers face technology threats, ranging from the inconvenient to practice-threatening disasters. From unauthorized access, lawyers risk having confidential information stolen, destroyed or made inaccessible. Hackers...more
Last week, the UK’s Information Commissioner’s Office (ICO) published a monetary penalty notice which fined a private healthcare company, HCA International, £200,000 for its failure to keep sensitive data secure....more
As we previously reported, in December 2016 the New York Department of Financial Services (the “DFS”) announced that it was revising its proposed regulation that would require banks, insurance companies and other financial...more
On August 4, 2016, the Office for Civil Rights (“OCR”) of the U.S. Health & Human Services Department (“HHS”) announced a $5.55 million HIPAA settlement with Advocate Health Care Network (“Advocate”), the largest...more
All companies with Tennessee employees or customers need to revise their data incident policies and procedures. Tennessee has revised their breach notification statute to remove the encryption safe harbor, which previously...more
Tennessee recently amended its data breach notification law, and in doing so, it has joined the ranks of states like Florida, Ohio, and Wisconsin that require notification to residents of a data breach within a defined time...more
Threats to data privacy are not going away, but establishing appropriate security measures up-front, performing regular stress-tests on a security system, putting in place procedures to address a data breach and implementing...more