Menu

PH Privacy

State AGs Reach Settlement with Nationwide Over 2012 Data Breach
On August 9, 2017, attorneys general representing 32 states and the District of Columbia announced a settlement with Nationwide Mutual Insurance Co. and its unit Allied Property & Casualty (collectively, “Nationwide”) to resolve the states’ investigation into the company’s 2012 data breach.
Bi-Partisan Group of Senators Propose IoT Cybersecurity Legislation
On August 1, 2017, a bipartisan group of senators introduced the Internet of Things (IoT) Cybersecurity Improvement Act of 2017 that would require IoT devices purchased by the U.S. government to meet certain minimum security requirements.
Apple Opens New Data Center in China to Comply with the PRC’s New Cybersecurity Law
In a move that sets the stage for other global companies doing business in China, Apple announced on July 12, 2017, that it will open a new data center in China to locally host data in order to comply with China’s new cyber security law.
Complying with COPPA: FTC Releases Updated Six-Step Compliance Plan for Businesses
Earlier this week, the Federal Trade Commission issued an updated Six-Step Compliance Plan for Businesses to comply with the Children’s Online Privacy Protection Act (COPPA) Rule. We summarize two key changes in the updated plan and provide a short refresher on the six steps your company should take when considering COPPA.
Protecting Your Networks, and Your Brand: How to Avoid and Respond to Ransomware Attacks
Ransomware is daunting, but make no mistake: it is preventable. We outline how to protect your company, and how to respond if attacked.
Swiss Privacy Shield Update: Get Ready to Certify on April 12
In less than a month, on April 12, the U.S. Department of Commerce (“Commerce”) will begin accepting applications for the Swiss-U.S. Privacy Shield Framework (“Swiss-U.S. Privacy Shield”).
New York’s New Cybersecurity Rule for Financial Institutions & How It May Affect You
New York’s top banking regulator, the New York Department of Financial Services (“NYDFS"), recently issued a revised rule, effective March 1, 2017, that requires banks, insurance companies and other financial institutions regulated by NYDFS to establish and maintain a comprehensive cybersecurity program to respond to the growing threat of cyber-attacks.
40-Day Delay in HIPAA Breach Notification Costs Illinois Health System $475,000
The U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”), has recently announced its first Health Insurance Portability and Accountability Act (“HIPAA”) enforcement action for failure to timely comply with the HIPAA Breach Notification Rule (“Rule”), which came into effect in 2009.
FTC Staff Releases New Report on Cross-Device Tracking Recommending Transparency and Choice for Consumers
On January 23, 2017, the Federal Trade Commission (“FTC”) released a staff report on cross-device tracking (“Report”). The Report follows the discussions from the FTC’s November 2015 Cross-Device Tracking Workshop, which was part of a series of efforts to promote self-regulation and develop principles for the online behavioral advertising industry.
D-Link Challenges FTC’s Continued Pursuit of “Unfair” Security Practices Absent Evidence of Harm; Calls Allegations “Unsubstantiated and Vague”
Earlier this week, D-Link Systems, Inc. (“D-Link”), responded to the Federal Trade Commission (“FTC”) complaint challenging D-Link’s security practices for its routers and Internet Protocol (“IP”) cameras, calling the claim “unsubstantiated and vague”.
1 2 3 4