On May 13, Nevada Governor Brian Sandoval signed Assembly Bill 179, which expands the definition of personal information for purposes of Nevada’s data breach notification and data security law. Effective July 1, 2015, personal information will include an individual’s medical identification number or health insurance identification number and a user name, unique identifier or email […]
Data Security
NAIC Publishes Principles for Effective Cybersecurity
The National Association of Insurance Commissioners (NAIC) Cybersecurity Task Force adopted Principles for Effective Cybersecurity Insurance Regulatory Guidance on April 16, 2015. The document identifies types of safeguards regulators expect insurers to have in place to protect consumers from cybersecurity breaches. The guiding principles are intended to establish insurance regulatory guidance that promotes coordination and […]
FCC Adopts Consent Order with AT&T Over Alleged Data Security Violations
The Federal Communications Commission (FCC) announced on April 8 that it had adopted a consent decree between its Enforcement Bureau and AT&T Services, Inc. (AT&T), including a civil penalty of $25 million and a requirement to adopt a comprehensive compliance plan, among other actions. The consent decree alleges that AT&T “failed to protect the confidentiality” […]
Kim Peretti and Dominique Shelton Speaking at Georgetown’s 2015 Cybersecurity Law Institute
Kim Peretti and Dominique Shelton will be featured speakers at the 3rd Annual Cybersecurity Law Institute, hosted by Georgetown Law Continuing Legal Education, and co-sponsored by the American Bar Association Cybersecurity Legal Task Force, Bloomberg BNA, and the Center for Internet Security. The Institute, designed by a national advisory board of professionals, will be held on […]
White House Releases Consumer Privacy Bill of Rights
On February 27, 2015, the Obama Administration released a discussion draft of the Consumer Privacy Bill of Rights Act of 2015 (the “Privacy Act”), holding true to President Barack Obama’s commitment in 2012 to introduce legislation to put the Privacy Act’s principles into law. The Privacy Act is intended to “establish baseline protections for individual […]