New York Department of Financial Services Provides Guidance On Cybersecurity Regulation; Colorado Financial Regulator Proposes Cybersecurity Rules Affecting Broker-Dealers and Investment Advisers

By | Privacy Law Blog | April 21, 2017
Tiffany Quach In April 2017, the New York Department of Financial Services (the “DFS”) released guidance on interpreting 23 NYCRR Part 500, its recently promulgated regulation that requires banks, insurance companies and other financial services institutions regulated by the DFS to adopt broad cybersecurity programs (the “Regulation”), in the form of a frequently asked questions (“FAQ”) document and a list of key dates. View Full Post
Tweet Like LinkedIn LinkedIn Google Plus

Small Healthcare Provider Pays $31,000 for Failing to Have a Business Associate Agreement with File Storage Vendor

Disclosing protected health information (PHI) to a business associate without a compliant business associate agreement (BAA) is an improper disclosure under the HIPAA privacy and security regulations. According to the HHS Office for Civil Rights (OCR), an error like that can cost a small healthcare provider $31,000. View Full Post
Tweet Like LinkedIn LinkedIn Google Plus

Now Available: The April Issue of Our Socially Aware Newsletter

03_April_SociallyAware_thumbnailThe latest issue of our Socially Aware newsletter is now available here. In this edition, we explore the threat to U.S. jobs posed by rapid advances in emerging technologies; we examine a Federal Trade Commission report on how companies engaging in cross-device tracking can stay on the right side of the law; we take a look at a Second Circuit opinion that fleshes out the “repeat infringer” requirement online service providers must fulfill to qualify for the Digital Millennium Copyright Act’s safe harbors; we discuss a state court decision holding that Section 230 of the Communications Decency Act immunizes Snapchat from liability for a car wreck that was allegedly caused by the app’s “speed filter” feature; we describe a recent decision by the District Court of the Hague confirming that an app provider could be subject to the privacy laws of a country in the European Union merely by making its app available on mobile phones in that country; and we review a federal district court order requiring Google to comply with search warrants for foreign stored user data. View Full Post
Tweet Like LinkedIn LinkedIn Google Plus

Deeper Dive: Protecting Paper Records

By | Data Privacy Monitor | April 20, 2017
Data-Incident-ReportOur third annual BakerHostetler Data Security Incident Response Report analyzes the more than 450 data security incidents we led clients through in 2016, and includes a number of interesting trends relating to the causes of incidents, how companies are identifying and responding to incidents, and the regulatory and litigation trends after an incident is disclosed. View Full Post
Tweet Like LinkedIn LinkedIn Google Plus

Six Tips to Consider in Hiring Privacy and Data Security Experts

Facing increasingly pervasive issues relating to privacy and data security companies are faced with what qualifications they should think about when looking to hire experts in these areas, and their role within the company is becoming increasingly vital. Moreover, unlike hiring for other positions it is common that a CEO lacks the knowledge and background to adequately assess whether such an individual has the right expertise, and later on how they are performing in the position. View Full Post
Tweet Like LinkedIn LinkedIn Google Plus

WG6 MEMBERSHIP-BUILDING EVENT, CHICAGO, IL

By | The Global Privacy Watch | April 20, 2017
Sedona conference logo When:           Monday, April 24, 2017 Where:          Offices of Seyfarth Shaw LLP, Chicago, IL Sign in:          5:00 – 5:30 pm Event:            5:30 – 6:30 pm Reception:    6:30 – 7:30 pm Topic: Interactive Dialogue concerning The Sedona Conference® International Litigation Principles (Transitional Edition): Practical Help for Companies with the EU General Data Protection Regulation and Privacy Shield Please join us for a Working Group 6 (WG6) Membership-Building event at Seyfarth Shaw on Monday, April 24, 2017, [Sign in: 5:00 pm; Event: 5:30 pm; Reception: 6:30 pm]. View Full Post
Tweet Like LinkedIn LinkedIn Google Plus