With the passage of the Defend Trade Secrets Act (DTSA), the federal government handed businesses a lethal new weapon to protect trade secrets in federal court. There should be champagne popping in boardrooms everywhere. Why, you ask? Access to federal courts in and of itself is a major boon for businesses. Any seasoned litigator knows… Read More
Insights
THE ADA’s Dental Debacle
By: Joel A. Holt, Esq., CIPP/US Talk about the ever changing world of information security and data privacy. Literally, something new, interesting, or terrible occurs daily. The latest giant balloon in the “parade of horribles” is the American Dental Association (“ADA”) providing its members with a free, electronic copy of the 2016 Dental Procedure… Read More
Clapper Claptrap…Data Breach Class Actions Are Alive and Kicking.
While attending the recent ABA Internet of Things Institute, I heard something troubling from a particular panelist, a data breach class action defense attorney. This attorney, from a monolithic law firm, proclaimed that data breach class-actions were, essentially, on life support as result of the U.S. Supreme Court’s (“SCOTUS”) decision in Clapper v. Amnesty Int’l… Read More
Internet of Things Institute: Day One Takeaways
Day 1 of the ABA Internet of Things Institute: So, come to find out, the Internet of Things (“IoT”) is not the precursor to SkyNet or a rampant abuse of power by Big Brother. It is fascinating, and yes, slightly frightening. The simple fact is, the IoT is just like any other rapid advance in… Read More
Hungry, Hungry HIPAA
One recent case that didn’t get much attention, but should have, clarifies Ohio health care providers’ potential exposure for the unauthorized disclosure of patient health information (“PHI”). On August 14, 2015, the Second District Court of Appeals decided Sheldon v. Kettering Health Network. [i] In Sheldon, the Second District addressed patients’ rights related to the… Read More
Information Security and Privacy Round-Up: Memphis Neurology & Fazio Mechanical
Information security and privacy is an incredibly broad and pervasive topic. It spans across industries, relates to private and public sectors, affects small business to publicly traded companies, is governed by federal and state legislation, is enforced by regulators and courts, and incorporates IT and legal solutions. Information is the DNA of the… Read More
Budgeting for Information Security
Creating a Budget and Optimizing the Money Spent. Traditionally, there has been a lack of organizational focus on information security (IS) as a strategic priority.
CFPB’s DWOLLA Enforcement Action: A Warning to Small Financial Institutions
For the first time since its inception, the Consumer Financial Protection Bureau (CFPB) brought the regulatory hammer down on an organization for allegedly misrepresenting the robustness of its data security program to consumers.
Information Governance: Culture of Security vs. Culture of Compliance
Organizations can, and often do, make the mistake of classifying information security as only a compliance matter. Much like taxes, workplace safety, and human resources, information security is governed by a complex set of statutes and regulatory rules. However, unlike the aforementioned areas, information security cannot adequately be solely addressed as a compliance matter.
Events on Ground Corroborate Experts’ Identification of Ransomware as 2016 Top Threat
On February 5, 2016, Hollywood Presbyterian Medical Center was the target of a ransomware attack, in which malefactors seized control of the hospital’s computer systems and demanded a ransom in exchange for returning control.[i] Initial reports indicated that the malefactors demanded 9,000 bitcoin, or $3.6 million, to unlock the system.[ii] On February 17, 2015, the… Read More