The general definition of “personal information” used in the majority of statutes is: An individual’s first name or first initial and last name plus one or more of the following data elements: (i) Social Security number, (ii)...more
Last week, we discussed the Federal government’s first steps toward implementing the Cybersecurity Information Sharing Act (CISA). Among the guidance documents released by the Department of Homeland Security and the...more
California Attorney General Kamala Harris has released a report of the data breaches that have been reported to her office from 2012 until 2015. Although the California data breach notification law took effect in 2003,...more
Receently, we reviewed the staggering numbers in California Attorney General Kamala Harris’ 2016 Data Breach Report.
In addition to providing a comprehensive analysis of four years of data breaches, the report provides...more
The 2016 lists are starting to be released by regulatory agencies in the United States, giving a heads’ up to covered entities as to what compliance issues will take front and center this year. Once again, the Office of...more
Remember this? -
“Wetware” – coder slang for biological life forms (i.e., people) – is the weak link in most companies’ data security protections, according to a new data security report issued by the Association of...more
Just at the end of 2015, the Cybersecurity Information Sharing Act (CISA) was enacted into law as part of the omnibus spending measure passed by Congress and signed by President Obama at right before Christmas. The...more
For the first Tuesday in November, we have 10 easy steps to make sure that your data breach incident response planning is viewed from that pesky point of view of a litigator....more
11/3/2015
/ Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Breach Plans ,
Data Privacy ,
Data Protection ,
Data Security ,
Email Policies ,
Personally Identifiable Information ,
Popular ,
Tone At The Top ,
Training
For your convenience, a short list of JD Supra writers covering the myriad issues raised surrounding Cybersecurity, date privacy and protection, and related matters. ...more
Rather than our usual Privacy Monday “bits and bytes,” we have a breaking story relating to the ongoing Wyndham/FTC saga.
Today, Wyndham Worldwide Corp. lost a critical round in the Third Circuit. Anticipated since...more
8/25/2015
/ Best Practices ,
Credit Cards ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Federal Trade Commission (FTC) ,
FTC Act ,
FTC v Wyndham ,
Personally Identifiable Information ,
Section 5 ,
Unfair or Deceptive Trade Practices ,
Wyndham
While you enjoy what is left of the summer of 2015, we will kick off your week with a few privacy and security bits and bytes....more
8/4/2015
/ Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Food and Drug Administration (FDA) ,
Hackers ,
Healthcare Facilities ,
Hospitals ,
Medical Devices ,
NAIC ,
Nursing Homes ,
Personally Identifiable Information
Welcome to the dog days of summer 2015. Three privacy & security bits and bytes to start your week (if you are reading this on vacation … good for you!)
1. ICYMI: Massive Data Breach at OPM Claims Victim — The Director...more
7/14/2015
/ China ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Cybertheft ,
Data Breach ,
Data Protection ,
Office of Personnel Management (OPM) ,
Personally Identifiable Information ,
Russia ,
Third-Party ,
United Nations
It’s appropriate that the “boys of summer” feature prominently in today’s post.
Strike three for the St. Louis Cardinals?
On another summer Privacy Monday in 2014, we made note of a reported hack into the Houston...more
In the absence of any meaningful moves in Congress to enact uniform data breach notification, the states continue to make adjustments to existing laws to better protect affected residents in their states.
Connecticut is...more
The news continues to pour in about the two-part massive hack into the federal government’s Office of Personnel Management (OPM) and the compromise of personal information of millions of present and former federal...more
As an update to our blog post, “Data Breach Affects Millions of Current and Former Government Workers”, a union representing federal workers is now claiming that the hack may be worse than originally feared. Yesterday, the...more
In the last month, both a federal and state court denied coverage for claims relating to an insured’s handling of electronic data. In the first case, a federal court held that there was no coverage under a cyber insurance...more
6/2/2015
/ Commercial General Liability Policies ,
Credit Cards ,
Cyber Insurance ,
Cybersecurity ,
Data Protection ,
Duty to Defend ,
Electronically Stored Information ,
Errors and Omissions Policy ,
IBM ,
Security Risk Assessments ,
Travelers Property Casualty Co.
Key takeaway: The insurance applications and underwriting questionnaires prepared in connection with cyber insurance do matter.
Cyber security, and cyber insurance, have dominated the industry headlines for several...more
It’s Monday morning — do you know your privacy/security status?
Here are a few bits and bytes to start your week.
SEC to Registered Investment Advisers and Broker-Dealers: It’s Your Turn to Pay Attention to...more
5/18/2015
/ Advertising ,
Broker-Dealer ,
Brokers ,
China ,
Cyber Attacks ,
Cybersecurity ,
Data Protection ,
Digital Advertising Alliance ,
Investment Adviser ,
Investment Companies ,
Mobile Apps ,
Penn State ,
Securities and Exchange Commission (SEC)
Fitbit, the fitness-tracking company with six wearable devices that track and collect data about things like calories burned, steps logged, “quality” of sleep and sleep patterns, heart rate, etc.) as well as web and mobile...more
Another federal agency has weighed in with “guidance” on cybersecurity preparation and breach response. The Department of Justice (DOJ) is the latest to issue guidance on how companies should respond to data breaches. The...more
File this under: A View Into What the Regulators Deem Important. The National Association of Insurance Commissioners (NAIC), the standard-setting organization in the U.S. insurance industry created and governed by the chief...more
Some privacy & security bits and bytes to start your week:
FCC to Hold Public Workshop on Broadband Consumer Privacy Tomorrow -
Over the last several months, the Federal Communications Commission has taken on a...more
4/28/2015
/ Broadband ,
Customer Proprietary Network Information (CPNI) ,
Cybersecurity ,
Data Collection ,
Data Protection ,
FCC ,
Federal Communications Act ,
Internet ,
Mobile Broadband Services ,
Mobile Devices ,
Securities and Exchange Commission (SEC)
As cyber week continues in Washington, Federal Communications Commission Chairman Tom Wheeler traveled to the west coast to speak about cybersecurity at the RSA Conference in San Francisco. Wheeler noted that the FCC has...more
Security is on the agenda from coast to coast this week.
Cybersecurity information sharing legislation will hit the House floor this week. H.R. 1731, the National Cybersecurity Protection Advancement Act was reported...more