Data Security

Subscribe to Data Security via RSS

Earlier today, the Illinois Supreme Court handed down a significant decision concerning the ability of individuals to bring suit under the Illinois Biometric Information Privacy Act (BIPA). In short, individuals need not allege actual injury or adverse effect, beyond a violation of his/her rights under BIPA, in order to qualify as an “aggrieved” person and

Recently, Business Roundtable, an association for over 200 CEOs of America’s largest companies, released a detailed framework for a national consumer data privacy law that would provide uniformity in an area currently governed by an amalgam of state statutes and regulations. Business Roundtable is hopeful that it has the ear of the Administration and

According to SC Magazine, an escalating number of victims of data breaches in 2017 have led Attorney General Josh Stein and state Rep. Jason Saine to propose updates to the state’s existing data breach notification law – “Act to Strengthen Identity Theft Protections.”

The Act would make a number of changes to

Through its actions and publications, the Security and Exchange Commission (SEC) has shown an increased focus on cybersecurity and the public disclosure of cybersecurity risks and incidents. In early 2018, the SEC issued a statement and an interpretative guide to assist companies with understanding and carrying out the agency’s disclosure obligations concerning cybersecurity risks and

Over the past thirty days, the Office for Civil Rights (“OCR”) has reached three HIPAA breach resolutions, signaling to organizations that are covered entities and business associates under HIPAA, the importance of instituting basic best practices for data breach prevention and response.

On November 26th, the OCR announced a settlement with Allergy Associations

A new bill in the Senate proposes to hold large tech companies, specifically “online service providers”, responsible for the protection of personal information in the same way banks, lawyers and hospitals are held responsible. The Data Care Act of 2018, which was introduced on December 12, 2018, is designed to protect users information online

October 2018 marks the 15th annual National Cyber Security Awareness Month. In honor of this occasion, the Office of the National Coordinator for Health Information Technology (ONC) and the HHS Office for Civil Rights (OCR) have jointly launched an updated HIPAA Security Risk Assessment (SRA) Tool to help covered entities and business associates

On September 23, 2018, Governor Jerry Brown signed into law SB-1121 amending certain provisions of the California Consumer Privacy Act of 2018 (CCPA) which was enacted in June of this year. As we reported previously, CCPA will apply to any entity that does business in the State of California and satisfies one or more

As with prior hurricanes, Florence is a reminder to all organizations of the importance of disaster recovery planning. When a storm approaches, a business’s first concern is protecting its employees/customers, and then its physical property. However, we shouldn’t forget that a natural disaster can also destroy information and technology assets critical to its success and