News & Analysis as of July 31, 2025

Civil Monetary Penalty

+ Follow

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now. less -

The ICO’s Penalty Against 23andMe Brings New Emphasis on Cybersecurity Risks - Key Takeaways for U.S. Companies

Womble Bond Dickinson on 7/11/2025

The dramatic increase in global reach that the internet provides U.S.-based companies comes as a double edge sword. While it significantly increases a company’s potential customer pool, it also subjects companies to...more

We’ll Take the Fine: OCR’s ‘Unwarranted,’ Costly Demands Prompted Hospital’s $538K Payment

Health Care Compliance Association (HCCA) on 2/7/2025

The saga that led Children’s Hospital Colorado to accept a fine of more than $500,000 imposed by the HHS Office for Civil Rights (OCR) began on July 11, 2017, when a physician’s email account containing details on 3,300...more

Privacy Briefs: May 2024

Health Care Compliance Association (HCCA) on 5/13/2024

Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more

OCR: Current Fines Too Low to Spur Compliance; Agency Also Seeks Funding Boost, Injunctive Relief

Health Care Compliance Association (HCCA) on 5/6/2022

Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more

Pending U.S. Supreme Court Cases May Restrict FTC’s Pursuit of Monetary Relief in Privacy and Cybersecurity Matters

Orrick, Herrington & Sutcliffe LLP on 7/27/2020

Earlier this month, the U.S. Supreme Court agreed to hear a pair of cases that provide it with the opportunity to severely restrict the Federal Trade Commission’s (“FTC’s”) authority to obtain equitable money relief in...more

Data Privacy + Cybersecurity Insider - November 2019

Robinson & Cole LLP on 11/8/2019

Cyberliability insurance provider Beazley Insurance Company has analyzed its internal breach response data and determined that in its experience, there has been a thirty-seven percent (37%) increase in ransomware attacks this...more

Russia Considers Monetary Penalties for Noncompliance with Data Protection, Internet Laws

Morgan Lewis on 9/10/2019

A draft law proposed in Russia would introduce severe monetary fines for noncompliance with Russia’s data protection law, including the data localization requirement, and violations of various internet activity laws. ...more

The SEC Released A Risk Alert On Reg S-P, a/k/a How To Avoid A $1 Million Penalty

UB Greensfelder LLP on 4/24/2019

I am hardly saying that SEC Regulation S-P is the sexiest of regulations. I mean, has any customer is history actually read one of those exciting statement stuffers that discloses in some dense font a BD’s privacy policy?...more

2018 Digital Health Data Developments – Navigating Change in 2019

McDermott Will & Emery on 2/5/2019

Data privacy and security legislation and enforcement saw significant activity in 2018 and early 2019. McDermott’s 2018 Digital Health Year in Review: Focus on Data report – the first in a four-part series – highlights...more

The Significance to Businesses of the California Legislature’s Last-Minute Revisions to the 2018 California Consumer Privacy Act

Akin Gump Strauss Hauer & Feld LLP on 9/10/2018

• The California Legislature passed SB 1121 to revise certain sections of the CCPA – the nation’s strictest privacy protection statute which provides Californians with a right to learn what personal information certain...more

Are You Prepared for the California Consumer Privacy Act? Get Ready for European-Style Privacy in the U.S.

Troutman Pepper Locke on 9/10/2018

With California enacting a sweeping new data privacy law on June 28, now is the time for companies to review and adjust to how the California Consumer Privacy Act will impact their business. The act, which has broad...more

Summary Judgment: Recent HIPAA Case Emphasizes Encryption, Action on Risk Analysis - AHLA Health Information and Technology...

Bradley Arant Boult Cummings LLP on 8/2/2018

On June 18, 2018, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced that an HHS Administrative Law Judge (“ALJ”) granted summary judgment to OCR in an enforcement action...more

SEC Cybersecurity Update

Proskauer on Privacy on 10/20/2015

Results from the SEC’s First Round of Cybersecurity Examinations - On February 3, 2015, the OCIE published a risk alert summarizing its findings from its examinations of over 100 registered investment advisers and...more

Investment Adviser Settles SEC Cybersecurity Enforcement Action; SEC Issues Investor Alert

King & Spalding on 10/8/2015

On September 22, the U.S. Securities and Exchange Commission (“SEC”) and R.T. Jones Capital Equities Management, Inc. (“R.T. Jones”), a St. Louis-based investment adviser, settled charges that R.T. Jones failed to adopt...more

California Attorney General Settlement Requires Hiring of Privacy Officer: Businesses with Web Presences Subject to Increasing...

Goodwin on 10/7/2015

On Friday, Oct. 2, home design and renovation company, Houzz, Inc., reached a settlement with the Office of California Attorney General Kamala Harris over allegations that Houzz had recorded customer and employee...more

A Compilation of Enforcement and Non-Enforcement Actions

Foley & Lardner LLP on 10/1/2015

Non-Enforcement Cybersecurity Is At the Top of SEC Examination Concerns In a recent SEC “risk alert” for registered broker-dealers and investment advisers, the SEC’s Office of Compliance Inspections and Examinations (OCIE)...more

The SEC Charges Investment Adviser with Violating Regulation S-P by Failing to Adopt Cybersecurity Policies and Procedures

Foley Hoag LLP - Security, Privacy and the... on 9/28/2015

In recent years, the SEC has been focused on cybersecurity. It has issued risk alerts, conducted examinations and provided guidance about what the agency sees as widespread weaknesses in many policies and procedures to...more

SEC Charges Investment Adviser With Failure to Adopt Proper Cybersecurity Policies and Procedures

Broker-Dealer Compliance + Regulation on 9/25/2015

A registered investment adviser agreed to settle SEC charges that it failed to adopt adequate cybersecurity policies and procedures reasonably designed to protect customer records and information as required by Rule 30(a) of...more

SEC Announces Cybersecurity Enforcement Action

Proskauer on Privacy on 9/25/2015

On September 22, 2015, the Securities and Exchange Commission (SEC) announced the settlement of an enforcement action against a St. Louis-based registered investment adviser (Adviser) brought under Rule 30(a) of Regulation...more

19 Results

View per page

Page: of 1

Cybersecurity › Data Privacy › Civil Monetary Penalty

"My best business intelligence, in one easy email…"