Legislation may change the way government and the private sector collaborate on cybersecurity.
After years of vigorous debate and numerous false starts, in the closing hours of its 2015 session, the US Congress...more
Earlier this week, the European Commission announced that a “political” agreement has been reached on a new framework for data flows from the EU to the US. The announcement highlights a few changes from the old Safe Harbor...more
2/5/2016
/ Article 29 Working Party (WP29) ,
Binding Corporate Rules ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
International Data Transfers ,
Ombudsman ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
US-EU Safe Harbor Framework
In a stunning victory, an administrative law judge has recommended the dismissal of a long-pending US Federal Trade Commission (FTC) complaint against LabMD, Inc. (LabMD). In a strongly worded opinion in a case that had...more
1. Start Early -
Buyers should begin conducting cybersecurity risk assessments early in the engagement process. The target should be able to identify which information technology systems and data sets are key to the...more
The so called Article 29 Working Party met on October 15, 2015 to discuss the consequences of the Schrems Judgment of the European Court of Justice (ECJ). On October 16, 2015, the Working Party published a Statement...more
10/19/2015
/ Article 29 Working Group ,
Binding Corporate Rules ,
Data Protection Authority ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
International Data Transfers ,
Judicial Redress Act ,
Legislative Agendas ,
Member State ,
Model Contracts ,
Schrems I & Schrems II
On October 6, the European Court of Justice ruled that Decision 2000/520 of the European Commission, which stated that Safe Harbor-certified US companies provide adequate protection for personal data transferred to them from...more
10/7/2015
/ Binding Corporate Rules ,
Data Protection Authority ,
EU ,
EU Data Protection Laws ,
EU Directive ,
European Commission ,
European Court of Justice (ECJ) ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Member State ,
Model Contracts ,
US-EU Safe Harbor Framework
Alleged HIPAA Violations Resulted from Medical Center’s Failure to Risk Assess Internet-Based Document Sharing Application and Inadequate Breach Response.
The US Department of Health and Human Services (HHS) Office for...more
9/2/2015
/ Business Associates ,
Cloud Computing ,
Covered Entities ,
Data Breach ,
Data-Sharing ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Hospitals ,
OCR ,
Patient Confidentiality Breaches ,
PHI ,
Risk Management ,
Security Breach
On July 10, the Federal Communications Commission (“FCC”) released the text of a Declaratory Ruling and Order, initially adopted on June 18, that provides various clarifications regarding the Telephone Consumer Protection Act...more
In the wake of reported security breaches at a number of significant financial institutions, cybersecurity is garnering more attention and concern than ever before — both within the financial services industry and among...more
2/27/2015
/ Banks ,
Corporate Counsel ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Protection ,
Financial Institutions ,
Internet ,
NIST ,
OCIE ,
Popular ,
Securities and Exchange Commission (SEC) ,
SIFMA
The SEC today published in the Federal Register its Regulation SCI (Regulation Systems Compliance and Integrity), which requires key market participants to have and implement written policies and procedures reasonably...more
The State of California, long the most proactive U.S. state in enacting data privacy laws, has again modified its breach notification and data protection laws. This week, Governor Jerry Brown signed two privacy bills into...more
“It is often said that there are two kinds of companies out there — those that have suffered a data breach and those that will have one,” said Latham & Watkins partner Kevin Boyle. “So it makes a lot of sense to be prepared...more
A Stored Communications Act (SCA) search warrant case arising out of a New York federal narcotics trafficking investigation is being closely watched by EU data protection authorities, privacy advocates, multinational...more
Yesterday, the Federal Trade Commission announced a settlement with Snapchat, the young mobile messaging company. The complaint alleges misrepresentations about functionality and related security as well as privacy...more
Governor Jerry Brown signed California Assembly Bill 370 (“A.B. 370”), an amendment to the California Online Privacy Protection Act (“CalOPPA”), into law on Friday, September 27. As previously reported here, A.B. 370 requires...more
On September 3, 2013, California Assembly Bill 370 (“A.B. 370”), an amendment to the California Online Privacy Protection Act (“CalOPPA”), was enrolled and sent to Governor Jerry Brown for his signature. A.B. 370, which was...more