In the wake of the COVID-19 crisis, much of the workforce has shifted to working remotely, with many workers operating out of makeshift “offices” they created in their homes with little or no warning. Along with this remote...more
In the wake of the largest U.S. health care data breach in history, Anthem, Inc., has agreed to pay $16 million to the Office for Civil Rights, which is a record settlement for alleged HIPAA violations. According to the...more
Take note GCs: The question is not if you will have to respond to a cybersecurity incident—the question is when. That was the message from speakers and panelists at the Association of Corporate Counsel’s annual meeting this...more
We recently wrote about a decision in Attias v. CareFirst, Inc., holding that a class of plaintiffs whose information was compromised in a cyberattack had sufficiently demonstrated standing to survive a motion to dismiss. The...more
A recent federal appellate decision suggests that it might be getting easier for cyberattack plaintiffs to establish standing in a manner sufficient to survive a motion to dismiss. According to the U.S. Court of Appeals for...more
Coca-Cola won big last month when it secured summary judgment in a privacy class action brought by a former bottling plant employee concerning compromised personal information. Hon. Joseph Leeson of the Eastern District of...more
Computers are involved at some point in almost every business transaction—that is the reality of life in the digital age. The implications of that fact are still being worked out with respect to the interpretation of...more
In what is thought to be the first published decision in a cyber insurance coverage case, popular Chinese restaurant chain, P.F. Chang’s, was denied coverage for certain costs incurred as a result of a 2014 data breach....more
Earlier this month, a Texas federal judge rejected a data breach plaintiff’s claim of a relaxed standard for Article III standing based on the “heightened risks” posed by potential identity theft and security fraud. ...more
Recently, the Pennsylvania Superior Court ruled in favor of data breach plaintiff Avrum Baum, giving him a second chance to certify a class action suit against Keystone Mercy Health Plan. Baum brought suit against the...more
The FCC recently signaled its intention to move aggressively into the realm of data security regulation. On October 24, 2014, the agency released a Notice of Apparent Liability for Forfeiture (NAL), ordering two...more
In a pair of recent cases, two California health care providers successfully warded off lawsuits arising from unauthorized data breaches of patient files. These cases illustrate that improper disclosure of electronically...more
Businesses that operate in the European Union (EU) may soon face a new set of data protection regulations. High-level discussions about a proposal to consolidate all individual EU-member nations’ data protection regulations...more