Blog Archives

Senators Introduce Data Care Act to Establish Duties for Online Service Providers

Posted on December 18, 2018 by Taylor Widawski

On December 12, 2018, Senator Schatz (D-HI), along with 15 other Senators, introduced the Data Care Act of 2018 “to establish duties for online service providers with respect to end user data that such providers collect and use.” The bill…

Tagged with: cyber security, data security, FTC, GDPR, hearings, legislation, policies and procedures, privacy, regulations
Posted in FTC, Legislation, Privacy, Standards

California Passes Internet of Things Law

Posted on November 2, 2018 by Taylor Widawski

California continues to pave the way for privacy and cybersecurity legislation as Governor Brown recently signed the first Internet of Things (“IoT”) security law in the United States (SB-327). While connected devices offer users convenience and efficiency, California lawmakers recognized…

Anthem Agrees to Record Data Breach Settlement

Posted on October 16, 2018 by Matthew Siegel

In the wake of the largest U.S. health care data breach in history, Anthem, Inc., has agreed to pay $16 million to the Office for Civil Rights, which is a record settlement for alleged HIPAA violations. According to the Department…

Tagged with: breach, corrective action plan, cybersecurity, data security, ePHI, hacking, OCR
Posted in Cyberattack, Data Breach, Data Security, HIPAA, OCR

Updated SEC Guidance Highlights Importance of Solid Cybersecurity Policies and Procedures

Posted on March 16, 2018 by Matthew Siegel

The Securities and Exchange Commission (“SEC” or “Commission”) has given public companies a heads up on where the Commission is setting its sights in the ever-developing world of cybersecurity. Here’s what you need to know, and what you need to…

EU’s New Privacy Law—What You Need to Know

Posted on December 08, 2017 by Matthew Siegel, Ude Lu

The European Union (EU) Parliament’s new data privacy law, known as the General Data Protection Regulation (GDPR), is set to become enforceable in all EU member states on May 25, 2018, just six months from now. The GDPR replaces the…

Cybersecurity Best Practices — How General Counsel Can Prepare For The Worst

Posted on November 06, 2017 by Matthew Siegel, Ethan Price-Livingston

Take note GCs: The question is not if you will have to respond to a cybersecurity incident—the question is when. That was the message from speakers and panelists at the Association of Corporate Counsel’s annual meeting this year. Indeed, the…

Financial Services Committee Rounds Out Equifax Hearings

Posted on October 5, 2017 by Rob Freeman

The House Financial Services Committee this morning rounded out a full week of congressional hearings for former Equifax CEO Richard Smith. Chairman Jeb Hensarling (R-TX) reiterated his earlier calls for national standards for data security and breach notifications. Ranking Member…

Equifax Hearings – Round Three

Posted on October 4, 2017 by Rob Freeman

Richard Smith, former Chairman and CEO of Equifax, faced his third congressional hearing in two days, appearing this afternoon before the Senate Judiciary Committee’s Privacy, Technology, and the Law Subcommittee to discuss the recently revealed Equifax data breach and efforts…

Equifax Hearings Continue on the Hill

Posted on October 4, 2017 by Rob Freeman

Former Equifax chief Richard Smith returned to Capitol Hill for a second day of congressional hearings into his company’s data breach, this time appearing before the Senate Banking, Housing, and Urban Affairs Committee. Committee Chairman Mike Crapo (R-ID) characterized the…

House Holds Hearings on Equifax Breach

Posted on October 3, 2017 by Rob Freeman

The House Committee on Energy and Commerce’s Subcommittee on Digital and Consumer Protection held the first in what will be a series of Congressional hearings on the recently revealed data breach at major credit agency Equifax. Former CEO of Equifax…