Last week, the Department of Justice (DOJ) issued the first report of its Cyber-Digital Task Force. The Task Force, which is comprised of several long-time DOJ officials, was tasked with distilling how the DOJ responds to...more
Snell & Wilmer’s Breach Response Team regularly guides clients through all phases of data breach and cyber incident response, including leading internal investigations related to data breaches and cyber incidents in...more
6/7/2018
/ Corporate Counsel ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Hackers ,
Notification Requirements ,
Personally Identifiable Information ,
State Data Breach Notification Statutes ,
Young Lawyers
This Friday is the deadline for General Data Protection Regulation (“GDPR”), yet many companies are still in the process of planning for compliance. Companies not able to meet the deadline may want to consider,...more
5/23/2018
/ Breach Notification Rule ,
Cybersecurity ,
Data Processors ,
Data Protection ,
Data Protection Officers (DPOs) ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Information Governance ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Risk Management
On March 21, 2018, South Dakota became the 49th state to enact a breach notification law, leaving Alabama as the sole U.S. state without one. The South Dakota law will take effect on July 1, 2018. Here is a summary of several...more
On September 15, 2017, the FTC released its eighth “Stick with Security” principle, which offers advice that individuals and organizations should consider when hiring others to process sensitive data. A few tips for making...more
On September 8, 2017, the FTC released its seventh “Stick with Security” principle, which offered guidance regarding how companies incorporate security by design to prevent or minimize threats in the following ways...more
On September 1, 2017, the FTC released its sixth “Stick with Security” principle, which highlighted the steps businesses can take to ensure that “outside entryways” into network systems are secure. Securing remote access to a...more
On August 25, 2017, the FTC released its fifth “Stick with Security” principal, which focused on how companies can protect their virtual “entrances and exits” and make life harder for hackers.
The FTC believes that the...more
On August 18, 2017, the FTC released its fourth “Stick with Security” principle, which explained the importance of keeping confidential data only when needed, and securely storing the data when it must be kept. To that end,...more
On August 11, 2017, the FTC released its third “Stick with Security” principle, which touched on the necessity of strong authentication practices. Secure passwords and fortified authentication practices make it that much...more
On August 4, 2017, the FTC released its second “Stick with Security” principle, which addressed the next step a company should take after it has identified confidential data in its possession and determined what information...more
Companies that have experienced data breaches or security hacks have subsequently found themselves the subject of enforcement actions by the Federal Trade Commission (“FTC”) for violating the FTC Act, due to inadequate...more
The Foreign Corrupt Practices Act (“FCPA”) prohibits both United States and foreign corporations and nationals from offering or paying, or authorizing the offer or payment, of anything of value to a foreign government...more
9/15/2016
/ Books & Records ,
Bribery ,
Cooperation ,
Corruption ,
Department of Justice (DOJ) ,
Federal Pilot Programs ,
Foreign Corrupt Practices Act (FCPA) ,
Fraud ,
Internal Controls ,
Remediation ,
Self-Reporting ,
Voluntary Disclosure ,
White Collar Crimes ,
Yates Memorandum
On August 31st and September 7th, 2016, the Federal Trade Commission (FTC) provided guidance regarding cybersecurity standards, which companies should consider when assessing their current data security posture....more
9/12/2016
/ Cyber Attacks ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Data Security ,
Executive Orders ,
Federal Trade Commission (FTC) ,
Hackers ,
NIST ,
Obama Administration ,
Presidential Directives ,
Ransomware ,
Risk Management
On Tuesday July 12, 2016, the European Commission formally adopted the EU – U.S. Trans-Atlantic Privacy Shield data transfer deal, commonly referred to as the “Privacy Shield”. The action followed an earlier vote by...more
Although the Yates Memo is now ten months old, senior executives and in-house counsel still do not have clarity about how the Department of Justice (“DOJ”) will apply the Memo’s principles to corporate investigations. On...more
7/15/2016
/ Cooperation ,
Corporate Misconduct ,
Department of Justice (DOJ) ,
Export Controls ,
False Claims Act (FCA) ,
Financial Services Industry ,
Foreign Corrupt Practices Act (FCPA) ,
Government Investigations ,
Healthcare Fraud ,
Individual Accountability ,
Voluntary Disclosure ,
White Collar Crimes ,
Yates Memorandum