{ Banner Image }

Showing 44 posts by Taylor A. Gast.

SEC-Regulated Companies Should Address Cybersecurity to Avoid Enforcement Risks

If 2018 was any indication, cybersecurity compliance should be high on the list of SEC-regulated companies’ priorities in 2019. Take, for example, the SEC’s 2018 enforcement action against Voya Financial Advisor, Inc. (“Voya”) for violation of the Red Flags Rule, which resulted in a $1 million settlement. Read More ›

Categories: Compliance, Cybersecurity

Are Boards of Directors Responsible for Cybersecurity?

Whose responsibility within a company is cybersecurity? Should key decisions fall to IT, or should higher management be involved more heavily in day-to-day cybersecurity risk management? Given the large fines and compliance obligations facing companies today, it’s probably obvious to most that data privacy and security is not just a technology issue. Read More ›

Categories: Cybersecurity, Digital Assets

How are Businesses Preparing for Proposed Federal Data Privacy Legislation? Part One: Understanding Current Proposals

Federal data privacy legislation in the United States is looking increasingly likely to pass in the foreseeable future. This renewed outlook is a stark change for those who remember previous legislative proposals, like the 2009 Personal Data Privacy and Security Act that never received a floor vote. Read More ›

Categories: Cybersecurity, Privacy

Cybersecurity and Data Privacy Considerations in Due Diligence

Data privacy and cybersecurity concerns are changing the way potential investors and acquirers evaluate a target company through due diligence. Data and security related risks can be extremely costly – especially those that are not uncovered in due diligence. Read More ›

Categories: Cybersecurity, Did you Know?, Digital Assets, Privacy

Ohio Enacts Unique Safe Harbor to Reduce Data Breach Litigation Risks

On November 2, 2018, Ohio became the most recent state to update its data breach laws by enacting the Ohio Data Protection Act. Read More ›

Categories: Cybersecurity, Digital Assets

California Enacts Sweeping Privacy Legislation

On June 28, California governor Jerry Brown signed into law the California Consumer Privacy Act of 2018. The Act will significantly impact companies (including many based outside of California) and United States legislation in the coming months, although it is unclear whether the new law will serve as an example for other states or an outlier. Importantly, the Act contains a number of "GDPR-like" features, making it the most restrictive data privacy law that the United States has ever seen. Read More ›

Categories: Cloud Computing, Did you Know?, Digital Assets, Privacy

Cybersecurity Concerns in Health Care

Health care systems are eager to adapt to newer technology and widespread network options, all in the name of giving patients the best possible care. However, this comes with a price: more outlets for hackers to breach valuable data.  Read More ›

Categories: Cybersecurity, Electronic Health Records

GDPR Has Arrived and My Company Isn't Ready. Now What?

It's not hyperbole to say that the General Data Protection Regulation's May 25th enforcement date marks one of the largest shifts in the history of privacy laws. Read More ›

Categories: Cloud Computing, Compliance, Cybersecurity, Digital Assets, Liability, News, Privacy

Potential $13.5 Million Uber Fine Highlights the Importance of Risk-Based Breach Response

The legal fallout from ridesharing service Uber's 2016 data breach, which affected approximately 57 million riders and drivers, has been significant. Read More ›

Categories: Cybersecurity, Did you Know?, Lawsuit

Make Sure Your Holiday Gifts Don’t Get You Fined

On December 12, 2017 President Trump signed the National Defense Authorization Act. In part, the Act requires registration of all drones weighing more than .55 and up to 55 pounds, if you plan on flying them outside. Read More ›

Categories: Compliance, Did you Know?, Regulations