On April 15, 2014 the U.S. Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examination (“OCIE”) announced that it would assess the cybersecurity preparedness of the industry as a whole by examining the practices of 50 registered broker-dealers and investment advisers. OCIE will send tailored requests for information to each selected firm; the […]
Jim Harvey to Speak at National Association of Corporate Directors Program on Mitigating Cybersecurity Risks
Jim Harvey, co-chair of the firm’s Privacy & Data Security practice and the Security Incident Management and Response Team, will be a featured speaker during an April 16 program sponsored by the National Association of Corporate Directors (NACD) titled, “Mitigating Cyber Security Threats: How the Attackers, Their Objectives, Their Methods Keep Changing.” Cyber security threats and […]
Kentucky Becomes 47th State To Require Data Breach Notification; Adds Restrictions on use of “Student Data”
Kentucky Governor Steve Beshear signed a data breach notification bill on April 10, adding Kentucky to the ranks of U.S. states requiring notice to individuals in the event of a data breach and leaving Alabama, New Mexico and South Dakota as the only states that do not require such notice. Kentucky’s data breach notification bill (HB […]
Iowa Updates Data Breach Notification Law to Add Paper Records, AG Notice Requirement
Iowa Governor Terry Brandstad has signed Senate File 2259, an act modifying provisions applicable to personal information security breach notification requirements. Iowa’s law will now require notice of breaches of unauthorized acquisition of information that is on paper (in addition to computerized data) and to require notice to the consumer protection division of the state […]
District Court Denies Wyndham Motion to Dismiss and Supports FTC’s Authority in Data Breach Cases
In Federal Trade Commission v. Wyndham Worldwide Corp., et al., No. 13-cv-01887-ES-JAD (D.N.J. Apr. 7, 2014), Judge Esther Salas of the U.S. District Court for the District of New Jersey denied Wyndham’s request for dismissal of the FTC’s lawsuit against the hotel resort chain as a result of getting hacked.* Wyndham had challenged the FTC’s […]