As a result of recent breaches – including breaches of health information and information held by health insurers – a great deal of attention has recently been focused on state data breach notification requirements. Most States have general data breach notification requirements that apply to all data breaches, including those involving health information. A few […]
Crisis & Data Breach Response
Montana Broadens Data Breach Notification Law
Montana has amended the state’s data breach notification law to both broaden the definition of “personal information” that triggers individual notice and to require notice to the state’s attorney general. The changes become effective on October 1, 2015. Montana has joined several other states, including California and Florida, that include medical-related information in the definition […]
Third Circuit Questions FTC’s Data Security Authority
On March 3, 2015, the Third Circuit heard oral argument in FTC v. Wyndham Worldwide Corp., et al. (“Wyndham”) on the issue of whether the FTC has the authority to regulate private companies’ data security under Section 5 of the FTC Act. This appeal arises out of the District Court’s holding that the unfairness prong […]
Webinar: Advising the C-Suite and Boards of Directors on Cybersecurity
On February 11, 2015, Alston & Bird hosted a webinar entitled “Advising the C-Suite and Boards of Directors on Cybersecurity.” Panelists included Alston & Bird attorneys Jessica Corley, Scott Ortwein and Kim Peretti, with Jim Harvey as the moderator. The cybersecurity legal landscape is rapidly unfolding due to the mass number of companies whose systems, […]
Support Data Privacy Day on January 28, 2015
Did you know January 28 is Data Privacy Day (DPD)? DPD commemorates Convention 108, the first legally binding international treaty dealing with privacy and data protection, signed on January 28, 1981. DPD began in the United States and Canada in January 2008 as an extension of the DPD celebrated in Europe. On January, 27, 2014, […]