As reflected in our 2021 Data Security Incident Response Report 2020 saw a sharp spike in the number of incidents involving vendors, which amounted to over 25 percent of the total incidents handled in 2020, and the trend is...more
Although it was widely reported that several ransomware threat actor groups have pledged to not target healthcare providers until the COVID-19 pandemic is over, BakerHostetler’s Digital Assets and Data Management Practice...more
In what is being seen as a strong rebuke to years of regulatory overreach, the United States District Court for the District of Columbia entered an order on January 23, 2020 that invalidates provisions of the 2013 Omnibus...more
Last week, the attorneys general (AGs) of 43 states and the District of Columbia announced they reached a $1.5 million settlement with Neiman Marcus Group LLC to resolve an investigation of a 2013 data breach that involved...more
Despite several failed attempts in recent years, there is a new effort underway to enact a federal data privacy law, and it’s being led by a somewhat unlikely source – the tech industry....more
The Office of the New Jersey Attorney General (AG’s Office) recently announced that it will be creating a new civil enforcement unit, known as the Data Privacy & Cybersecurity Section (DPC Section), to investigate data...more
Several weeks ago, South Dakota and Alabama became the final two states to enact data breach notification laws. The Alabama Data Breach Notification Act of 2018 takes effect on May 1, 2018, and imposes information security,...more
One of two remaining states without a data breach notification law has finally enacted one of its own. On March 21, 2018, South Dakota Governor Dennis Daugaard signed South Dakota Senate Bill 62 into law, creating the newest...more