Showing 28 posts in Privacy.
The Children’s Online Privacy Protection Act (“COPPA”) was enacted in 1998 and was created to address concerns with the online collection of children’s personal information. Recently, the Federal Trade Commission (“FTC”) has announced several large fines for companies not in compliance. Read More ›
How are Businesses Preparing for Proposed Federal Data Privacy Legislation? Part One: Understanding Current Proposals
Federal data privacy legislation in the United States is looking increasingly likely to pass in the foreseeable future. This renewed outlook is a stark change for those who remember previous legislative proposals, like the 2009 Personal Data Privacy and Security Act that never received a floor vote. Read More ›
Categories: Cybersecurity, Privacy
Data privacy and cybersecurity concerns are changing the way potential investors and acquirers evaluate a target company through due diligence. Data and security related risks can be extremely costly – especially those that are not uncovered in due diligence. Read More ›
For an introduction to these areas, visit Taylor's previous video, an Introduction to Data Privacy, Cybersecurity and Third Party Vendor Management.
In recent years, security risks and data breaches have increased and businesses are working to be better equipped to respond to emergency cyber attack and breach situations. Read More ›
On June 28, California governor Jerry Brown signed into law the California Consumer Privacy Act of 2018. The Act will significantly impact companies (including many based outside of California) and United States legislation in the coming months, although it is unclear whether the new law will serve as an example for other states or an outlier. Importantly, the Act contains a number of "GDPR-like" features, making it the most restrictive data privacy law that the United States has ever seen. Read More ›
It's not hyperbole to say that the General Data Protection Regulation's May 25th enforcement date marks one of the largest shifts in the history of privacy laws. Read More ›
This is the first article in a series on Third Party and Vendor Management. The next article in this series discusses provisions for vendor contracts. Read More ›
Recently, international travelers have noticed US Customs and Border Protection agents with increased interest in searching cell phones, laptops, and other portable technology. Employers should be aware that this trend increases the risk that an unauthorized individual will access sensitive company information, which could result in an inadvertent data breach.
Some international travelers have been asked by border agents to unlock cell phones or provide a password needed to unlock the device. One report included a customs agent threatening to seize a travelers' phone if he did not unlock his cellphone. Employers are rightfully concerned that these searches may allow unauthorized individuals to access sensitive company information. Read More ›
In 2016 Lansing, MI's Board of Water and Light fell victim to a cyber-attack that resulted in $2.4 million in costs, including a $25,000 ransom paid to the perpetrators. In the aftermath of the breach, BWL announced that it was filing for a $1.9 million insurance claim under its cyber insurance policy, including $2 million in covered losses, less a $10,000 deductible.
There is a lot at stake for businesses when it comes to cyber-crime, which is why more and more businesses are investigating and purchasing cyber insurance to hedge against the risks associated with cyber security and data privacy. Read More ›
No matter how carefully, thoughtfully and diligently a company works to prevent it, data breaches happen. Company management, IT teams and outside consultants can do everything right and still end up dealing with a breach. That means that knowing how to best respond when (not if) a breach happens should be part of every company’s data protection strategy.
We recommend that every company assemble a security breach team, consisting of individuals inside and outside of the organization who possess different skill sets. This may include technology officers, as well as staff from IT, human resources, communications, legal departments, outside counsel, and outside vendors. The composition of the team will depend on the type and size of the organization, but each member should be in a position and have skills that enable the organization to quickly and properly respond to an incident. The team must also be equipped, authorized and empowered to evaluate and immediately react to an incident once it has occurred. Read More ›
- Electronic Health Records
- Tax-Exempt Organizations
- Fraud & Abuse
- IT Contracts
- Cloud Computing
- Venture Capital/Funding
- Radio Broadcasts
- Intellectual Property
- Employee Benefits
- Personal Publicity Rights
- Did you Know?
- Digital Assets
- Domain Name Registration
- Social Media
- Trade Secrets