Combating FraudGPT: new guidance to healthcare providers
2/8/24
By: Alexia R. Roney
To combat phishing attacks supercharged by AI, the Health Sector Cybersecurity Coordination Center (HC3) has provided guidance to the healthcare industry through its white paper, “AI-Augmented Phishing and the Threat to the Health Sector.” Phishing is …
Clash of the Courts: How the Illinois Appellate Court’s Discord with the Seventh Circuit Continues to Shape the Evolving Landscape of Insurance Coverage for BIPA Claims
12/27/23
By: Amy Frantz, Michael Sanders, Patrick Eckler, and Jonathan Schwartz
On December 19, 2023, the Illinois Appellate Court, First District unanimously held the insurers in National Fire Insurance Co. v. Visual Pak Co. Inc. have no duty …
Recent enforcement efforts by the Office for Civil Rights serve as warnings to HIPAA covered entities for compliance in 2024
12/18/23
By: Gaia T. Linehan
Healthcare providers, health plans, and healthcare clearing houses are subject to the HIPAA Privacy and Security Rules. As such, they are required to notify patients and file data breach reports with the United States Department of …
Illinois Appellate Court decides issue of first impression in data breach case
10/12/23
By: Donald Patrick Eckler and Adelaide Bell
In a matter of first impression, the Illinois Appellate Court has decided what is sufficient to have standing to pursue a data breach lawsuit under Illinois law. In Flores v. Aon Corp., …
Illinois Supreme Court to consider substantial standing case that could open the flood gates of litigation in state court
10/4/23
By: Donald Patrick Eckler and Joshua W. Zhao
Is a statutory violation alone sufficient to satisfy the “injury in fact” requirement of standing outside the context of the Illinois Biometric Information Privacy Act (BIPA)? The Illinois Supreme Court will take …
We Do Not Negotiate With Terrorists – How Several States are Prohibiting Ransomware Payments
9/28/23
By: Alexander A. Schindler
In 2022 in the United States, 106 local governments, 44 universities and colleges, 45 school districts operating 1,981 schools, and 25 healthcare providers operating 290 hospitals, disclosed they were victimized by ransomware attacks. In recent years, …
Summer Cyber & Privacy Round-Up
8/24/23
By: Nicholas Jajko
2023 has been a busy year for data privacy regulation, with the passage of privacy laws in six new states (Indiana, Iowa, Montana, Oregon, Tennessee, and Texas). Other developments are also worth spotlighting for current and prospective …
Eleventh Circuit holds one text message sufficient to establish standing in robocall case
8/21/23
By: Matthew N. Foree
Article III of the Constitution limits federal-court jurisdiction to actual cases or controversies. Generally, for there to be a case or controversy capable of resolution, the plaintiff must have a personal stake in the case, or …
NO KIDS ALLOWED (Sometimes): The Future of American Youth’s Social Media Use in Light of the Protecting Kids on Social Media Act (“PKSMA”)
5/30/23
By: Julia Bover
There is no denying that social media is top of mind for most of our nation’s youth. If they are not scrolling through the endless feeds, then they are thinking about the next time they will be. …
New Jersey Appellate Panel Holds Cyberattack Losses Not Subject to “Hostile/Warlike Action” Policy Exclusion
5/9/23
By David A. Slocum
In a closely watched case of first impression, a New Jersey appeals court panel held on Monday that a “hostile/warlike action” exclusion contained in an “all risks” property insurance policy does not bar coverage for nearly …
We’re Gonna Need a Bigger Boat – The Rise of AI-Enhanced Phishing Attacks
4/19/23
By Curt Graham
While hard at work, an unexpected email arrives with an urgent request: “This is your boss. I lost my company credit card and I need you to send me your card information immediately.” By now, most of …
The Next BIPA?: Why Insurance Claim Professionals Should Pay Attention to GIPA
3/27/23
By Joseph Tripoli and Jonathan Schwartz
Earlier this month, Amazon was sued in Illinois state court by current and former employees who claim the company unlawfully requested and obtained their family medical histories during the job application process in violation …