As a privacy officer, what keeps you up at night?
Is it the ransomware boogeyman, or perhaps the data breach creeps?
Whatever it may be, Epstein Becker Green litigators J.T. Wilson III, Stuart Gerson, and Brian Cesaratto are here to shed light on the subject in this episode of Speaking of Litigation.
On October 27, 2023, the Federal Trade Commission (“FTC”) approved an amendment to the Safeguards Rule that requires non-banking financial institutions (e.g., mortgage companies, mortgage brokers, and creditors) to notify the FTC when certain data breaches and other security events occur. The Safeguards Rule, promulgated by the FTC in 2002, has long required non-banking financial institutions to create, implement, and maintain a comprehensive security program to keep the information and data of its customers safe. Now, if one of these institutions suffers a security ...
In a recent Press Release dated December 15, 2021, the Office of the Attorney General for the State of New Jersey (the “N.J. Attorney General’s Office”) announced the settlement, via consent order, of alleged HIPAA violations involving three, New Jersey based cancer treatment providers, In the Matter of RCCA MSO LLC, Regional Cancer Care Associates LLC, and RCCA MD LLC. Two key takeaways from this matter are that New Jersey based health care providers need to be wary of state as well federal authorities when it comes to information security and related policies and warrant substantial investments in cyber security.
There are cybersecurity lessons to be learned from high profile data breaches and the ensuing regulatory responses. The recent well-publicized Twitter hack is no different. According to the New York State Department of Financial Services (“NYSDFS”) investigation and report, on July 15, 2020, a 17-year old hacker and his accomplices easily misled Twitter’s employees into disclosing their credentials resulting in a breach of Twitter’s network and the hackers’ takeover of accounts assigned to high-profile users in just a 24-hour period. The NYSDFS concluded that ...
Blog Editors
Recent Updates
- Mastering Legal Writing: Elevate Your Written Advocacy – Speaking of Litigation Video Podcast
- DOJ’s First Civil Cyber-Fraud Initiative Litigation Serves as Warning to Government Contractors Who Fail to Abide by Contractual and Statutory Cybersecurity Requirements
- DOJ Updates Its Evaluation of Corporate Compliance Programs to Address New Technologies, Reinforce Promoting a “Speak Up” Culture, and Ensure Data Transparency
- Why Executive Teams Should Prepare for the Cybersecurity and Fraud Risks of Deepfakes
- Key Takeaways From Recent Amendments to the New Jersey Court Rules