Privacy Compliance & Data Security Blog

Privacy compliance and electronic data security affect almost every business. Data breach prevention is essential. Fox Rothschild's Privacy Compliance & Data Security Blog will help readers navigate through the policies and best practices of data breach response. The Blog covers topics including compliance with data protection laws and regulatory enforcement and litigation as well.

Recent Blog Posts

  • Top Cybersecurity Pros Deliver Insights at Fox’s Inaugural Privacy Summit In a daylong Privacy Summit at Citizens Bank Park in Philadelphia, the co-chairs of Fox Rothschild’s Privacy & Data Security practice group led a series of panel discussions with leading cybersecurity professionals and government officials. Elizabeth Litten moderating “Looking Inward: Risk Management Part I” Fox partner Elizabeth Litten, who serves as Fox Rothschild’s HIPAA Privacy & Security Officer, and partner Mark McCreary, the firm’s Chief Privacy Officer, moderated a two-part panel series examining cyber risk management for protecting company data. The first... More
  • Fox Rothschild Survey Shows Top Execs Know Cyber Risks, But Fall Short on Prevention Many company leaders appear to understand and recognize cyber threats, but far too few have implemented vital defenses. In the fourth quarter of 2017, we spearheaded a sweeping, cross-industry survey of chief executives to gauge corporate cybersecurity preparedness. The results revealed important organizational issues. The survey showed C-suite corporate leaders know their companies’ data is at risk but are not taking adequate measures to protect that data. Awareness: More than half of C-level officers recognized their companies were at high or very high... More
  • Cross-Border Transfers of Personal Data in Light of GDPR The European General Data Protection Regulation (GDPR) comes into force on May 25, 2018.  This gives companies only two months to prepare for and comply with the GDPR. Companies should be conducting data mapping to identify all cross-border transfers of personal data so that they can determine the best way to comply with the GDPR requirements. The GDPR has been, perhaps, the most widely talked about privacy regulation for the past year and a half after it was approved by the... More
  • Cambridge Analytica “Data Breach” Poses Real Risks for Facebook Recent news that Facebook has suspended research firm Cambridge Analytica for improperly collecting users’ personal data without their knowledge may not constitute a classic “data breach,” but it poses real risks for the popular social media platform. Fox Rothschild Partner Scott Vernick, founder of the firm’s Privacy & Data Security Practice, discussed the implications for Facebook, and the next steps the company should take, in an interview with the TD Ameritrade Network. “Consumers do select companies and want to do business with... More
  • Health and Human Services’ OCR Chief: No Slowdown in HIPAA Enforcement Roger Severino, director of the Department of Health and Human Services’ Office of Civil Rights, told HIMSS18 conference attendees this week that he plans no slowdown in HIPAA enforcement. “I come from the Department of Justice Office for Civil Rights; I bring that mindset to OCR. We’re still looking for big, juicy egregious cases” for enforcement, Severino said, according to this report in Data Breach Today. That doesn’t mean smaller companies should assume they are off the radar, he added. He said 2017... More
  • National Restaurant Association Releases New CyberSecurity Guide Restaurant businesses deal with a large amount of personal data. The National Restaurant Association released a must-read guide for restaurant operators on how to increase their cybersecurity efforts. Franchising, Licensing & Distribution partner Eleanor Vaida Gerhards explains on the Franchise Law Update blog how the guide takes the cybersecurity framework prepared by the National Institute of Standards and Technology and adapts it for use in the restaurant hospitality industry. Because restaurants have to handle the personal information of their customers, they’re constantly at risk... More
  • Latest Estimate Puts Cybercrime Tab at $600 Billion and Rising The cost of cybercrime continues to rise, driven by increasingly sophisticated cybercriminals and a growing pool of new and often unsophisticated internet users, according to a new report from internet security firm McAfee and the Center for Strategic and International Studies. “Cybercrime is relentless, undiminished, and unlikely to stop. It is just too easy and too  rewarding, and the chances of being caught and punished are perceived as being too low,” the report states. The report, “Economic Impact of Cybercrime—No Slowing Down,” estimates... More
  • Why GDPR Matters to U.S. Companies With the European’s Union’s new General Data Protection Regulation (or GDPR) taking effect in less than 100 days, the interest of many U.S. Companies has been piqued as to how the GDPR may affect their overseas and internet-based businesses.  This article on, “Why GDPR Matters,” which I co-authored with Bill Shipp from Vaxient, LLC and Jonathan Marks, CPA from Marcum, LLP, tackles this hot issue and answers why GDPR should matter to U.S. companies in a wide variety of industries. To... More
  • Major Portion of January Data Breaches Target Health Care Usernames and passwords were exposed in a number of reported data breaches. According to the monthly report from the Identity Theft Resource Center, the health care industry suffered more data breaches in January than government, educational and financial sectors combined. Medical and health care-related data breaches accounted for 26.7 percent of the verified 116 data breaches in early 2018. The report defines a breach as a cybersecurity incident in which personal information such as emails, medical records, Social Security numbers or driver’s... More
  • Comptroller Sounds Alarm About Banks’ Vulnerability to Cyberattacks The U.S. Treasury’s Office of the Comptroller of the Currency is out with its first Semiannual Risk Perspective report under Trump appointee Joseph Otting. It’s not terribly rosy from a cybersecurity perspective, reports Bloomberg News. The Comptroller’s office singled out cyberattacks as an increasing risk: “U.S. Banks are facing a growing threat from cyberattackers and making defense against them more complex by relying on third-party firms for support,” Bloomberg reports. In addition, banks are facing attacks from hackers that exploit weaknesses in clients’ security,... More