Technology Law Source

Archives: Data Breach

Subscribe to Data Breach RSS Feed

OFAC updates guidance on ransomware payments and sanctions risk

On Sept. 21, 2021, the Department of Treasury, Office of Foreign Assets Control (OFAC), updated its published guidance regarding sanctions risks associated with making ransomware payments and its official policy on such payments. This updated guidance, taken in conjunction with OFAC’s recent sanctions designation of a cryptocurrency payment exchange frequently used for ransomware payments, and … Continue Reading

Ohio passes new law providing safe harbor to businesses suffering a data breach and amends Ohio law to allow records and contracts secured by blockchain technology

Implementing a cybersecurity framework may begin to pay off for companies doing business in Ohio. As anyone following data privacy litigation knows, litigation stemming from data breach incidents can prove to be extraordinarily burdensome and expensive. Ohio is the first state to pass a law that will limit a business’s exposure in data breach litigation … Continue Reading

Sixth Circuit finds insurance coverage for phishing losses

“The risk of loss due to some form of cyberattack should prompt employers to consider insuring against those losses. But, not all cyberinsurance policies are created equal.” Our colleague, Brian Hall, writes in the most recent Employer Law Report blog post which discusses the recent 6th Circuit case, American Tooling Center, Inc. v. Travelers Casualty and Surety … Continue Reading

UPDATE: All fifty states now have data breach statutes

On July 1, 2018, all fifty states will have active data breach statutes that govern the notification process for companies that experience a data loss incident. Alabama and South Dakota both recently passed data breach laws, representing the last two states to enact data breach legislation. As with other data breach statutes, Alabama and South … Continue Reading

Don’t wannacry? Help your IT staff prevent ransomware

This week our colleagues at Employer Law Report published a post discussing the recent “Wannacry” ransomware attack. In the post, Brian Hall outlines the risks employers may face when dealing with cyber attacks and how human resource departments can help protect their organizations. Click below to read the full article. Don’t wannacry? Help your IT staff prevent … Continue Reading

Porter Wright announces the 2016 Technology Seminar Series

Porter Wright continues its tradition of providing cutting-edge information about how technology affects your business with the 2016 Technology Seminar Series, beginning  May 18. This year’s sessions are: May 18: Big Data, Data Analytics & the Law 2016: What Your Company Needs to Know About the Evolution of the Next Big Thing “Big data” is one of today’s … Continue Reading

Minimizing the damages of health care data breaches

Our colleagues over at Antitrust Law Source recently published a podcast on the inevitable health care data breach and how you can lessen the damages. Some key issues include: when to review data security policies, how to prepare for a potential breach and how to deal with third-party vendor access. Listen to the podcast to … Continue Reading

Leading European privacy law conference points to key themes, suggests strategic directions

A few weeks ago, more than 1,000 academics, legal practitioners and government officials convened for one of Europe’s premier privacy law events: the Computers, Privacy and Data Protection (CPDP) conference in Brussels, Belgium. Europeans dominated this crowd but a significant number of participants from other countries, including the U.S., made this a truly international gathering. I … Continue Reading

Florida ramps up data breach notification law

The Florida Information Protection Act of 2014, aimed at strengthening Florida’s data breach notification law, goes into effect tomorrow, July 1, 2014. The act contains major changes to Florida’s existing data breach notification statute and makes it one of the toughest in the nation. Shortened notice period For example, notice to consumers must be given within … Continue Reading

Porter Wright announces 2014 Technology Seminar Series

Porter Wright continues its tradition of providing cutting-edge information about how technology affects your business with the 2014 Technology Seminar Series, beginning June 18. This year’s sessions are: Social media in litigation: a shield and a sword June 18 The worlds of social media and litigation have collided. Social media evidence is used in employment … Continue Reading

Implementing cloud strategies

As companies struggle with how to develop cloud strategies that are both cost effective and protect sensitive consumer and corporate data, the National Institute of Standards and Technology (NIST) can provide hands-on information to the private sector to help implement a reasonable cloud computing solution. Though NIST provides guidelines to the U.S. Government, the private … Continue Reading

Porter Wright announces four-part seminar series on trending technology, privacy and security issues

On June 19, Porter Wright launches its four-part seminar series covering technology topics at the forefront of today’s businesses. Technology Law Source will continue to cover these topics in future blog posts, including navigating through U.S. and international laws, regulations and standards. The seminar series comprises: Social Media in the Law: Learn It and Use … Continue Reading

Porter Wright Information Privacy and Data Security Workshop Series

Please join us for this informative series focused on the technical, enforcement, and practical aspects of experiencing and responding to a data security incident. For the complete invitation and details on registration please click here. IDENTITY THEFT, CORPORATE DATA SECURITY BREACHES AND LAW ENFORCEMENT: SHOULD I CALL THE COPS? Learn How to Effectively Utilize Law … Continue Reading

HHS Withdrawing Breach Notification Final Rule – Temporarily

The Department of Health and Human Services (HHS) announced yesterday that it was temporarily withdrawing the breach notification final rule from review of the Office of Management and Budget (OMB) to allow HHS further time to consider these regulations.  The breach notification rule, among other things, requires covered entities to notify individuals whose protected health information … Continue Reading

Data Breach Incidents on the Rise

This week, the Identity Theft Resource Center released its 2010 data breach statistics report for data breaches through June 22, 2010. According to this weekly report, 2010 has already seen 325 reported data breaches exposing approximately 8.3 million records. Considering that the 2009 report shows 498 reported data breaches for all of last year, it looks like … Continue Reading

Security Breach Results in Fine Despite Prior Security Measures

In January 2008, the Davidson Companies, a financial services holding company, announced that a database containing current and past customer records had been hacked during a SQL injection attack. On April 14, 2010—more than two years after the network intrusion—the Financial Industry Regulatory Authority (FINRA) fined the company $375,000 for the breach.… Continue Reading
LexBlog