Blog

Privacy Compliance & Data Security Blog

Privacy compliance and electronic data security affect almost every business. Data breach prevention is essential. Fox Rothschild's Privacy Compliance & Data Security Blog will help readers navigate through the policies and best practices of data breach response. The Blog covers topics including compliance with data protection laws and regulatory enforcement and litigation as well.

Recent Blog Posts

  • After the “WannaCrypt / WannaCry / WCry” Malware, Microsoft Pushes Update to Current and Unsupported Versions of Windows Yesterday we witnessed new ransomware spread across the world with incredible speed and success, bringing businesses to their knees and home users learning for the first time about ransomware and why computer backups are so important. With over 123,000 computers infected, experts believe the “WannaCrypt/WannaCry/WCry” attacks have stopped after researchers registered a domain that the software checks before encrypting.  However, nothing is stopping someone from revising the software to not require that check and releasing it into the wild.  In other... More
  • $2.5 Million Settlement Shows That Not Understanding HIPAA Requirements Creates Risk In one of the best examples we have ever seen that it pays to be HIPAA compliant (and can cost A LOT when you are not), the U.S. Department of Health and Human Services, Office for Civil Rights, issued the following press release about the above settlement.  This is worth a quick read and some soul searching if your company has not been meeting its HIPAA requirements. FOR IMMEDIATE RELEASE  April 24, 2017 Contact: HHS Press Office  202-690-6343  [email protected]  $2.5 million settlement shows that not understanding HIPAA... More
  • Don’t Get Caught in ‘Phishing Season’ With tax season in full swing, a different season is impacting businesses across all industries: “phishing season.” Copyright: fberti / 123RF Stock Photo “Phishing” or “spear phishing” refers to cyberattack scams that target certain individuals within an organization with the hope of gaining access to valuable information. These scams take advantage of the busy tax season, the desire to promptly respond to purported upper management and social engineering employees in order to target and trick only employees with immediate access to sensitive employee... More
  • March 15: Scott Vernick To Speak on Developments in Data Privacy and Security at Argyle Chief Legal Officer Leadership Forum in New York On March 15, Fox Rothschild partner Scott Vernick will participate in a panel discussion on Developments in Data Privacy & Security as part of the 2017 Argyle Chief Legal Officer Leadership Forum. The Forum will take place from 8 a.m. to 5 p.m. at the Convene Conference Center at 730 3rd Ave in New York City. Scott and his fellow panelists will discuss the evolution of the GC role to include cybersecurity and data privacy, how cybersecurity fits into an organization’s risk management structure,... More
  • Article in Bloomberg BNA: The Right To Be Forgotten – Protection or Hegemony? Copyright: hywards / 123RF Stock Photo France’s data protection regulator – the  Commission Nationale de L’Informatique et des Libertés (CNIL) – ordered Alphabet Inc.’s Google in 2015 to comply with the right to be forgotten. If the ruling is upheld, the approach to personal privacy threatens the equal and competing legitimate freedom of expression and access to information rights of businesses and consumers outside the European Union. Scott L. Vernick and Jessica Kitain recently authored the Bloomberg BNA Privacy and Security Law Report... More
  • United States and Canada Warn Citizens and Organizations About Ransomware The United States and Canada have teamed up to alert both nations of the threat of ransomware, illustrating the harmful impact of these cyberattacks to individuals and organizations all over the world. The United States Computer Emergency Readiness Team (US-CERT) within the Department of Homeland Security (DHS) and the Canadian Cyber Incident Response Centre (CCIRC) jointly issued alerts in response to ransomware variants infecting computers in the healthcare industry in the United States, New Zealand and Germany. The alert gives useful information... More
  • Letter to New York State Banks and Insurance Companies: New Cybersecurity Regulations Likely (Part 2 of 2) In my previous post, I reviewed the New York State Department of Financial Services’ (NYDFS) findings and conclusions of survey results of financial institutions and insurers’ programs, costs, and future plans related to cybersecurity. Anthony J. Albanese – Acting Superintendent of Financial Services – writes in a November 9, 2015 letter to Financial and Banking Information Infrastructure Committee (FBIIC) Members that these conclusions have demonstrated a need for new cybersecurity regulations for financial institutions. Such “robust regulatory action” would be a coordinated... More
  • Letter to New York State Banks and Insurance Companies: New Cybersecurity Regulations Likely (Part 1 of 2) In reaction to two surveys of more than 150 regulated banking organizations and 43 regulated insurers in New York, the state’s Acting Superintendent of Financial Services issued a letter to all Financial and Banking Information Infrastructure Committee (FBIIC) Members addressing the need for potential new cybersecurity regulations in the financial sector. The New York State Department of Financial Services (NYDFS) expects that the November 9, 2015 letter will trigger more “dialogue, collaboration and, ultimately, regulatory convergence” among New York agencies on... More
  • Privacy v. Security: The Battle Between Apple and the FBI Fox Partner and Chair of the Privacy and Data Security Practice Scott L. Vernick was a guest on Fox Business’ “The O’Reilly Factor” and “After the Bell” on February 17, 2016, to discuss the controversy between Apple and the FBI over device encryption. A federal court recently ordered Apple to write new software to unlock the iPhone used by one of the shooters in the San Bernardino attacks in December. Apple CEO Tim Cook has vowed to fight the court order. The... More
  • The White House’s New Cybersecurity National Action Plan The White House is building on recent laws addressing cybersecurity in the United States with the release of a new Cybersecurity National Action Plan (“CNAP”). The plan focuses on: improving cybersecurity awareness and protections; additional privacy and security protections for individuals through the creation of a permanent Federal Privacy Council; maintenance of public safety, economic security and national security through a new Commission on Enhancing National Security; and encouraging citizens to take better control of their digital information and security. CNAP includes a request to... More