There has been a groundswell of effort by the U.S. Government to address growing cybersecurity risks in industry sectors from finance to energy.
When we think about protecting customer and employee data, we often think that the biggest hazards are outside hackers.
A Different Kind of “Virus”: FDA Follows NIST Framework in Cybersecurity Guidance for Medical Devices
In past posts we’ve taken a close look at the Framework for Improving Critical Infrastructure Cybersecurity put forth by the National Institute of Standards and Technology (NIST), exploring its wide-ranging implications for companies across a number of different industries.
California Updates State Breach Notification Law, Expands Security Procedures to Entities That “Maintain” Personal Information
On September 30, 2014, California took further steps to protect the personal information of its residents by amending several sections of its breach notification and information security laws (Cal. Civ. Code §§ 1798.81.5, 1798.82 and 1798.85).
California governor Jerry Brown recently signed into law AB 1710, requiring businesses that handle customer data to provide identity theft prevention services at no charge for 12 months following a data breach.
The International Association of Privacy Professionals hosted its annual Privacy Academy, at which one panel, “Data Brokers Demystified,” specifically focused on regulation of the data-broker industry.
In recent months, the Federal Trade Commission (“FTC”) has been steadily ramping up its efforts to monitor, regulate, and provide best practice guidance in the rapidly expanding field of mobile applications
Bray District Court, yesterday, fined a firm of private investigators, and its two directors, €10,500 for unlawfully obtaining personal data.
The Office of the Data Protection Commissioner (ODPC) recently released the results of the second Global Privacy Sweep.