Federal Trade Commission Offers Tips on Avoiding and Responding to Ransomware Attacks
11/22/16
By: Amy C. Bender
With ransomware attacks on the rise, it is important to have a plan in place on how best to prevent such attacks and respond when they occur. The Federal Trade Commission, the government agency tasked with …
NetDiligence’s 2016 Cyber Claims Study Shows Data Breach Risks Concern Organizations Large and Small
11/7/16
By: Melissa A. Santalone
NetDiligence’s 2016 study of cyber insurance claims made during the year show that data breaches are not just problems for retail giants or Fortune 500 companies. Huge breaches, including those with over 1 million records lost, …
Clearer Skies Ahead for HIPPA-Covered Entities Using Cloud Service Providers
10/27/16
By: Mandy Proctor
Earlier this month, the Department of Health and Human Services’ Office of Civil Rights (OCR) issued guidelines to HIPPA-covered entities that use or may use cloud service providers (CSPs) in connection with the processing of electronic Personal …
New York Becomes the First State to Propose Mandatory Cybersecurity Regulations for Private Financial Institutions
10/19/16
By: Kacie L. Manisco
The New York State Department of Financial Services (“DFS”) recently announced proposed regulations that would require banks, insurance companies and other financial institutions to establish programs and policies for responding to cyberattacks and data breaches. The …
Ransomware Victims Urged to Report Infections
10/6/16
By: Jeremy W. Rogers
By now, most people have heard of that nasty form of technological extortion known as ransomware. This is a type of malware that is installed on a computer or server that encrypts files, thus rendering those …
Former S.E.C. Commissioner Continues to Sound the Clarion for Better Corporate Governance Regarding Cyber-Risk
10/6/16
By: John Goselin
For years now, Louis Aguilar has been speaking, cajoling and encouraging American businesses of all sizes to focus their attention on cyber-security and mitigating the cyber risks inherent in conducting business in this modern technological era. Although …
FTC Finds Data Security Practices Unreasonable, Even Without Evidence of Unauthorized Access
9/30/16
By: Matt Foree
Recently, the Federal Trade Commission (“FTC”) issued a significant decision in which it held that LabMD, a former clinical laboratory, engaged in “unfair” practices in violation of Section 5 of the FTC Act because it failed to …
Sixth Circuit Becomes Latest Court to Find Standing in a Data Breach Lawsuit
9/23/16
By: David Cole
The majority of lawsuits filed by consumers over data breaches in recent years have been successfully defended by arguments that the plaintiffs lacked standing to bring the lawsuit. To have standing, a plaintiff must be able to …
Beware of Ransomware: New Guidance on Ransomware and HIPAA
9/13/16
By: Amy Bender
As hackers have become more sophisticated and creative, so have the tools they use to compromise computer and data systems. One such tool is ransomware, which is a type of malware that, as its name implies, …
OCR Casts a Wider Net on HIPAA Breaches
8/29/16
By: Agne Krutules
Under the Health Insurance Portability and Accountability Act (HIPAA), covered entities and their business associates have duties under the Privacy Rule and the Security Rule to protect patient health information. The U.S. Department of Health and Human …
Sprouts Farmers Market Faces Class Action Lawsuit After Falling Prey to Phishing Scam
5/24/16
By: Kacie Manisco
Sprouts Farmers Market, Inc. is one of the latest companies to fall prey to the recent series of phishing scams targeting employee W-2 data. As a result, the company has found itself defending against a class action …
SCOTUS Clarifies Standing Requirements in Long-Awaited Spokeo Opinion
5/18/16
By: Matthew Foree
On Monday, the Supreme Court of the United States issued its anticipated opinion in the Spokeo, Inc. v. Robins case. Robins alleged that Spokeo, which operates a “people search engine,” violated the Fair Credit Reporting Act by …