The answer to this question may depend on the actions that the insured takes when it applies for coverage and during the period the policy is in force. The demand for cyberinsurance that is intended to cover exposures from data breaches, among other things, has exploded in recent years, reports The Hill. This is
SEC’s Division of Investment Management Issues Cybersecurity Guidance
In Guidance Update No. 2015-02, the Division of Investment Management (Division) of the Securities and Exchange Commission (SEC) issued some high-level suggestions concerning the importance of cybersecurity for registered investment companies and registered investment advisers. The guidance outlines a number of measures these entities should consider for addressing cybersecurity risks. Of course, while some
EEOC Wellness Program Regulations Offer Best Practices for Medical Record Confidentiality
As reported on our Benefits Law Advisor, the EEOC has issued proposed wellness program regulations. Much of the attention to those proposed rules understandably will be how they would affect the incentives employers have implemented to spur their employees to engage in healthier behaviors. The proposed rules also address, however, the confidentiality provisions under
Next Step in U.S. Postal Service Breach – NLRB Sues Postal Service
As discussed in an earlier post, shortly after the United States Postal Service reported a data breach potentially affecting hundreds of thousands of employees, the American Postal Workers Union filed an unfair labor practice with the National Labor Relations Board alleging the Postal Service should have bargained with the union over the impact and
Email Autofill Error Exposes Personal Information of G20 World Leaders
With breaches caused by payment card thieves and hackers dominating the news, it is easy for mid-sized and small companies to think that data breaches are unfortunate events that affect only large companies. Not only is this sentiment misguided, but in relative terms the information contained in exposed emails can cause far more damage to
Checklists Not Enough When Developing a WISP, FTC Director Comments at IAPP Global Privacy Summit
This year’s IAPP Global Privacy Summit was very informative on a number of fronts, including the helpful insight provided by officials at the Federal Trade Commission (FTC) on a range of topics. A good summary of some of their comments can be found here, which includes concerns they expressed about the Consumer Privacy Bill
Illinois Attorney General Seeks Stronger Data Breach Notification Law, Requirement to Safeguard Personal Information
Reacting to a report that identity theft was a top concern for Illinois residents (second in a list of ten), Attorney General Lisa Madigan announced a legislative proposal to strengthen the state’s existing data breach notification law. The call for stronger breach notification laws is a trend that has emerged in other states, such as
Peer Review Confidentiality Requirement Protects Physician Reviewers from Adverse Employment Action, New Mexico Supreme Court Rules
When a physician participated in the peer review of another physician and his conduct during the review became the basis for adverse employment action against him, the New Mexico Supreme Court, in Yedidag v. Roswell Clinic Corp., ruled that the reviewing physician had a private cause of action against his employer, and affirmed the
Secretary in Germany Successfully Challenges Employer’s Monitoring…Is Your Monitoring Program Defensible?
According to a report by Deutsche Welle, the German Federal Labor Court held that employers may monitor employees only when they have concrete suspicions of wrongdoing that are based on fact. In the U.S., the standards for engaging in monitoring employees may not be quite that high, but employers should be thinking about whether
ACA Information Reporting Creates Data Privacy and Security Issues
During this year, businesses will be hearing a lot about the Affordable Care Act’s (ACA’s) information reporting requirements under Code Sections 6055 and 6056. Information gathering will be critical to successful reporting, and there is one aspect of that information gathering which employers might want to take action on sooner rather than later – collecting