The Seventh Circuit reinstates the Neiman Marcus data breach class action lawsuit after finding that increased risk of future fraudulent charges and greater susceptibility to identify theft are sufficient for standing.
...more
8/3/2015
/ Article III ,
Class Action ,
Credit Monitoring ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Fraudulent Charges ,
Free Identity Theft Protection ,
Identity Theft ,
Neiman Marcus ,
Popular ,
Standing
Earlier this month, the U.S. Department of Health and Human Services Office for Civil Rights (HHS OCR) announced that it had entered into a settlement agreement with St. Elizabeth's Medical Center (SEMC) in Brighton,...more
7/31/2015
/ Compliance ,
Corporate Counsel ,
Corporate Governance ,
Corrective Actions ,
Cybersecurity ,
Data Security ,
De-Identified Protected Health Information ,
Department of Health and Human Services (HHS) ,
Department of Justice (DOJ) ,
EHR ,
Enforcement Actions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Personally Identifiable Information ,
Security Rule ,
Settlement
On Feb. 3, the Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA) each released reports regarding cybersecurity issues for brokerage and advisory firms, both of which should be...more
6/18/2015
/ Broker-Dealer ,
Brokers ,
C-Suite Executives ,
Cybersecurity ,
Enforcement ,
Financial Industry Regulatory Authority (FINRA) ,
Industry Examinations ,
Information Reports ,
Investment Adviser ,
OCIE ,
Popular ,
Risk Assessment ,
Securities and Exchange Commission (SEC)
On May 20, 2015, Federal Trade Commission Assistant Director Mark Eichorn of the Bureau of Consumer Protection’s Division of Privacy and Identity Protection (DPIP) offered an inside look into the FTC’s investigative process...more
April saw amendments to Washington State's and North Dakota's breach notification statutes.
In a prior Orrick Alert, we discussed some of the implications from the proposed data breach notification amendments in...more
On April 27th, the United States Supreme Court granted certiorari in Spokeo, Inc. v. Robins, to consider a question critical to the viability of data breach class actions: standing. Since the Court’s most recent standing...more
The Middle District of Tennessee recently issued a key decision in the ongoing Genesco, Inc. v. Visa U.S.A., Inc. data breach litigation. The court denied discovery requests by Visa for analyses, reports, and communications...more
On April 1, President Obama signed an Executive Order to combat the "national emergency" sparked by a rapidly evolving global cybercrime environment. The Executive Order directs the U.S. Treasury Department to impose...more
4/14/2015
/ Asset Freeze ,
Barack Obama ,
Blocked Entities ,
Blocked Person ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Executive Orders ,
National Security ,
Popular ,
Sanctions ,
SDN List ,
U.S. Treasury
On March 4, 2015, Washington State’s House of Representatives passed HB 1078, which would significantly tighten Washington’s current data breach notification requirements, currently codified at RCW 19.255.010. The bill has...more
On Feb. 26, 2015, in an effort to make “New York State’s computer infrastructure the most secure in the nation,” the New York State Senate passed a suite of four cybersecurity-related bills focused on protecting critical...more
On Feb. 15, 2015, the Federal Aviation Administration released a set of long-awaited proposed rules for commercial drone operation that paves the way for commercial drone usage in the United States by 2017. At the same time,...more
2/20/2015
On February 3, 2015, the U.S. Securities and Exchange Commission released a Risk Alert addressing cybersecurity issues at brokerage and advisory firms, along with suggestions to investors on ways they can protect themselves...more